new: [attribute type] kusto-query attribute type

Kusto query is the query language for the Kusto services in Azure used to search large dataset. It's used in Windows Defender ATP Hunting-Queries and also Azure Sentinel (Cloud-native SIEM).
2019-12-28 15:28:59 +01:00 · 2019-12-28 15:28:59 +01:00 · e068b81e44
parent 1b8e856a55
commit e068b81e44
1 changed files with 4 additions and 0 deletions
--- a/_pages/datamodels.md
+++ b/_pages/datamodels.md
@ -101,6 +101,7 @@ The MISP format is described as Internet-Draft in [misp-rfc](https://github.com/
 |issue-date-of-the-visa| | | | | | |
 |ja3-fingerprint-md5| | | | X | | |
 |jabber-id| | | | | | |
+|kusto-query| | X | | | | |
 |last-name| | | | | | |
 |link| X | | | X | | X |
 |mac-address| | | | X | | |
@ -266,6 +267,7 @@ The MISP format is described as Internet-Draft in [misp-rfc](https://github.com/
 |issue-date-of-the-visa| | | | | | |
 |ja3-fingerprint-md5| X | | X | | | |
 |jabber-id| | | | | | |
+|kusto-query| | | | | | |
 |last-name| | | | | | |
 |link| | | X | | | |
 |mac-address| X | | X | | | |
@ -431,6 +433,7 @@ The MISP format is described as Internet-Draft in [misp-rfc](https://github.com/
 |issue-date-of-the-visa| X | | | |
 |ja3-fingerprint-md5| | | | |
 |jabber-id| | X | | |
+|kusto-query| | | | |
 |last-name| X | | | |
 |link| | | X | |
 |mac-address| | | | |
@ -616,6 +619,7 @@ The MISP format is described as Internet-Draft in [misp-rfc](https://github.com/
 *   **issue-date-of-the-visa**: The date on which the visa was issued
 *   **ja3-fingerprint-md5**: JA3 is a method for creating SSL/TLS client fingerprints that should be easy to produce on any platform and can be easily shared for threat intelligence.
 *   **jabber-id**: Jabber ID
+*   **kusto-query**: Kusto query - Kusto from Microsoft Azure is a service for storing and running interactive analytics over Big Data.
 *   **last-name**: Last name of a natural person
 *   **link**: Link to an external information
 *   **mac-address**: Mac address