From e068b81e448dab9ad46ee1813802d95215bbda8f Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Sat, 28 Dec 2019 15:28:59 +0100 Subject: [PATCH] new: [attribute type] kusto-query attribute type Kusto query is the query language for the Kusto services in Azure used to search large dataset. It's used in Windows Defender ATP Hunting-Queries and also Azure Sentinel (Cloud-native SIEM). --- _pages/datamodels.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/_pages/datamodels.md b/_pages/datamodels.md index 45a392e..26475f7 100755 --- a/_pages/datamodels.md +++ b/_pages/datamodels.md @@ -101,6 +101,7 @@ The MISP format is described as Internet-Draft in [misp-rfc](https://github.com/ |issue-date-of-the-visa| | | | | | | |ja3-fingerprint-md5| | | | X | | | |jabber-id| | | | | | | +|kusto-query| | X | | | | | |last-name| | | | | | | |link| X | | | X | | X | |mac-address| | | | X | | | @@ -266,6 +267,7 @@ The MISP format is described as Internet-Draft in [misp-rfc](https://github.com/ |issue-date-of-the-visa| | | | | | | |ja3-fingerprint-md5| X | | X | | | | |jabber-id| | | | | | | +|kusto-query| | | | | | | |last-name| | | | | | | |link| | | X | | | | |mac-address| X | | X | | | | @@ -431,6 +433,7 @@ The MISP format is described as Internet-Draft in [misp-rfc](https://github.com/ |issue-date-of-the-visa| X | | | | |ja3-fingerprint-md5| | | | | |jabber-id| | X | | | +|kusto-query| | | | | |last-name| X | | | | |link| | | X | | |mac-address| | | | | 
@@ -616,6 +619,7 @@ The MISP format is described as Internet-Draft in [misp-rfc](https://github.com/ * **issue-date-of-the-visa**: The date on which the visa was issued * **ja3-fingerprint-md5**: JA3 is a method for creating SSL/TLS client fingerprints that should be easy to produce on any platform and can be easily shared for threat intelligence. * **jabber-id**: Jabber ID +* **kusto-query**: Kusto query - Kusto from Microsoft Azure is a service for storing and running interactive analytics over Big Data. * **last-name**: Last name of a natural person * **link**: Link to an external information * **mac-address**: Mac address
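Review bot: In the hunk at `@@ -101,6 +101,7 @@`, the new row `|kusto-query| | X | | | | |` sets an X in the second column only, but neither the context lines nor the commit message say which category that column stands for. The rows added at `@@ -266,6 +267,7 @@` and `@@ -431,6 +433,7 @@` are entirely blank, so this single X is the only category the type is valid in. Please name the intended category in the commit message so the placement can be checked against the table header, which lies outside the hunk context.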
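Review bot: In the hunk at `@@ -616,6 +619,7 @@`, the added description says what the Kusto service is but not what the attribute value holds. The commit message is more precise: it describes Kusto query as the query language used in Windows Defender ATP Hunting-Queries and Azure Sentinel. Suggest rewording the list entry along those lines, for example "Kusto query - query written in the Kusto query language, as used in Windows Defender ATP hunting queries and Azure Sentinel". Someone reading the type list then knows the value is query text that a recipient is expected to run, and should review before running.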