From c6bfe2aaa9d7c9fe0035171072a0805a1df870ac Mon Sep 17 00:00:00 2001
From: Alexandre Dulaunoy <a@foo.be>
Date: Sat, 28 Dec 2019 15:27:48 +0100
Subject: [PATCH] new: [attribute type] kusto-query attribute type

Kusto query is the query language for the Kusto services in Azure used
to search large dataset. It's used in Windows Defender ATP Hunting-Queries
and also Azure Sentinel (Cloud-native SIEM).
---
 categories-and-types/README.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/categories-and-types/README.md b/categories-and-types/README.md
index 9795274..159b940 100644
--- a/categories-and-types/README.md
+++ b/categories-and-types/README.md
@@ -86,6 +86,7 @@
 |issue-date-of-the-visa| | | | | | |
 |ja3-fingerprint-md5| | | | X | | |
 |jabber-id| | | | | | |
+|kusto-query| | X | | | | |
 |last-name| | | | | | |
 |link| X | | | X | | X |
 |mac-address| | | | X | | |
@@ -251,6 +252,7 @@
 |issue-date-of-the-visa| | | | | | |
 |ja3-fingerprint-md5| X | | X | | | |
 |jabber-id| | | | | | |
+|kusto-query| | | | | | |
 |last-name| | | | | | |
 |link| | | X | | | |
 |mac-address| X | | X | | | |
@@ -416,6 +418,7 @@
 |issue-date-of-the-visa| X | | | |
 |ja3-fingerprint-md5| | | | |
 |jabber-id| | X | | |
+|kusto-query| | | | |
 |last-name| X | | | |
 |link| | | X | |
 |mac-address| | | | |
@@ -601,6 +604,7 @@
 *   **issue-date-of-the-visa**: The date on which the visa was issued
 *   **ja3-fingerprint-md5**: JA3 is a method for creating SSL/TLS client fingerprints that should be easy to produce on any platform and can be easily shared for threat intelligence.
 *   **jabber-id**: Jabber ID
+*   **kusto-query**: Kusto query - Kusto from Microsoft Azure is a service for storing and running interactive analytics over Big Data.
 *   **last-name**: Last name of a natural person
 *   **link**: Link to an external information
 *   **mac-address**: Mac address