Workbooks


Workbooks are interactive dashboards that visualize security data from Microsoft Sentinel. They combine charts, tables, and text to provide insights into your security posture, help monitor key metrics, and support investigation with drill-down capabilities.

562 workbooks across all Microsoft Sentinel solutions.

Source: 📦 Solution | 📄 Standalone | 🔗 GitHub Only

Name Source
1Password 📦 1Password
1Password 🔗 GitHub Only
42CrunchAPIProtectionWorkbook 📦 42Crunch API Protection
42CrunchAPIProtectionWorkbook 🔗 GitHub Only

A

Name Source
AADManagedIdentitySignInLogs 🔗 GitHub Only
AADNonInteractiveUserSignInLogs 🔗 GitHub Only
AADServicePrincipalSignInLogs 🔗 GitHub Only
AcscEssential8 🔗 GitHub Only
ActionableAlertsDashboard 📦 Cybersixgill-Actionable-Alerts
ActionableAlertsList 📦 Cybersixgill-Actionable-Alerts
AdvancedKQL 📦 KQL Training
AdvancedKQL 🔗 GitHub Only
AdvancedWorkbookConcepts 🔗 GitHub Only
ADXvsLA 🔗 GitHub Only
AIA-Darktrace 📦 AI Analyst Darktrace
AIA-Darktrace 🔗 GitHub Only
AIShield 📦 AIShield AI Security Monitoring
AIVectraDetectWorkbook 📦 Vectra AI Detect
AIVectraDetectWorkbook 🔗 GitHub Only
AksSecurity 📦 Azure kubernetes Service
AksSecurity 🔗 GitHub Only
AliCloudWorkbook 🔗 GitHub Only
AlsidIoA 📦 Alsid For AD
AlsidIoA 🔗 GitHub Only
AlsidIoE 📦 Alsid For AD
AlsidIoE 🔗 GitHub Only
AMAmigrationTracker 🔗 GitHub Only
AmazonWebServicesNetworkActivities 📦 Amazon Web Services
AmazonWebServicesNetworkActivities 🔗 GitHub Only
AmazonWebServicesUserActivities 📦 Amazon Web Services
AmazonWebServicesUserActivities 🔗 GitHub Only
AnalyticsEfficiency 📦 SOC Handbook
AnalyticsEfficiency 🔗 GitHub Only
AnalyticsHealthAudit 🔗 GitHub Only
AnomaliesVisualization 📦 SOC Handbook
AnomaliesVisualization 🔗 GitHub Only
AnomalyData 📦 SOC Handbook
AnomalyData 🔗 GitHub Only
ApacheHTTPServer 📦 ApacheHTTPServer
ArchivingBasicLogsRetention 🔗 GitHub Only
ARGOSCloudSecurityWorkbook 📦 ARGOSCloudSecurity
AristaAwakeSecurityWorkbook 📦 AristaAwakeSecurity
ArmorbloxOverview 📦 Armorblox
ASC-ComplianceandProtection 🔗 GitHub Only
AtlassianJiraAudit 📦 AtlassianJiraAudit
AttackSurfaceReduction 📦 SOC Handbook
AttackSurfaceReduction 🔗 GitHub Only
Auth0Workbook 🔗 GitHub Only
Authomize 📦 Authomize
AutomationHealth 📦 SentinelSOARessentials
AutomationHealth 🔗 GitHub Only
AWSS3 🔗 GitHub Only
AzDDoSStandardWorkbook 📦 Azure DDoS Protection
AzDDoSStandardWorkbook 🔗 GitHub Only
AzureActiveDirectoryAuditLogs 📦 Microsoft Entra ID
AzureActiveDirectoryAuditLogs 🔗 GitHub Only
AzureActiveDirectorySignins 📦 Microsoft Entra ID
AzureActiveDirectorySignins 🔗 GitHub Only
AzureActivity 📦 Azure Activity
AzureActivity 🔗 GitHub Only
AzureAuditActivityAndSignin 🔗 GitHub Only
AzureFirewall 🔗 GitHub Only
AzureFirewallWorkbook 📦 Azure Firewall
AzureFirewallWorkbook 🔗 GitHub Only
AzureFirewallWorkbook-StructuredLogs 📦 Azure Firewall
AzureInformationProtection 🔗 GitHub Only
AzureKeyVaultWorkbook 📦 Azure Key Vault
AzureKeyVaultWorkbook 🔗 GitHub Only
AzureLogCoverage 🔗 GitHub Only
AzureNetworkWatcher 🔗 GitHub Only
AzureOpenAIMonitoring 🔗 GitHub Only
AzureSecurityBenchmark 📦 AzureSecurityBenchmark
AzureSentinelCost 📦 SOC Handbook
AzureSentinelCost 🔗 GitHub Only
AzureSentinelSecurityAlerts 📦 SOC Handbook
AzureSentinelSecurityAlerts 🔗 GitHub Only
AzureSentinelWorkbookForRemovableStorageSecurityEvents 📦 Squadra Technologies SecRmm
AzureServiceHealthWorkbook 📦 Azure Activity
AzureServiceHealthWorkbook 🔗 GitHub Only
AzureThreatResearchMatrixWorkbook 🔗 GitHub Only

B

Name Source
Barracuda ⚠️ 📦 Barracuda CloudGen Firewall
Barracuda 🔗 GitHub Only
BETTER_MTD_Workbook 📦 BETTER Mobile Threat Defense (MTD)
BETTER_MTD_Workbook 🔗 GitHub Only
BeyondTrustPMCloud 📦 BeyondTrustPMCloud
Bitglass 📦 Bitglass
BitSightWorkbook 📦 BitSight
BitwardenEventLogsAuthentication 📦 Bitwarden
BitwardenEventLogsOrganization 📦 Bitwarden
BitwardenEventLogsVaultItems 📦 Bitwarden
BloodHoundEnterpriseAttackPathDetails 📦 BloodHound Enterprise
BloodHoundEnterpriseAttackPathOverview 📦 BloodHound Enterprise
BloodHoundEnterpriseAuditLogs 📦 BloodHound Enterprise
BloodHoundEnterpriseTierZeroSearch 📦 BloodHound Enterprise
BloodHoundFindingTrends 📦 BloodHound Enterprise
BloodHoundPostureHistory 📦 BloodHound Enterprise
Box 📦 Box
Building_a_SOCLargeStaff 📦 SOC-Process-Framework
Building_a_SOCMediumStaff 📦 SOC-Process-Framework
Building_a_SOCPartTimeStaff 📦 SOC-Process-Framework
Building_a_SOCSmallStaff 📦 SOC-Process-Framework

C

Name Source
CEFOverviewWorkbook 📦 Common Event Format
Censys 📦 Censys
CheckPoint 📦 Check Point
CheckPoint 🔗 GitHub Only
Cisco 📦 CiscoASA
Cisco 🔗 GitHub Only
Cisco Secure Endpoint Overview 📦 Cisco Secure Endpoint
CiscoDuo 📦 CiscoDuoSecurity
CiscoETD 📦 Cisco ETD
CiscoFirepower 🔗 GitHub Only
CiscoISE 📦 Cisco ISE
CiscoMeraki 🔗 GitHub Only
CiscoMerakiWorkbook 📦 CiscoMeraki
CiscoSDWAN 📦 Cisco SD-WAN
CiscoSEG 📦 CiscoSEG
CiscoUmbrella 📦 CiscoUmbrella
CiscoWSA 📦 CiscoWSA
Citrix 📦 Citrix Analytics for Security
Citrix 🔗 GitHub Only
CitrixAnalytics 📦 Citrix Analytics CCF
CitrixWAF 📦 Citrix Web App Firewall
CitrixWAF 🔗 GitHub Only
ClarotyOverview 📦 Claroty
Cloudflare 📦 Cloudflare
Cloudflare 📦 Cloudflare CCF
CloudNGFW-NetworkThreat 📦 Azure Cloud NGFW By Palo Alto Networks
CloudNGFW-Overview 📦 Azure Cloud NGFW By Palo Alto Networks
CodelessConnectorBuilder 🔗 GitHub Only
CofenseIntelligenceThreatIndicators 📦 CofenseIntelligence
CofenseTriageThreatIndicators 📦 CofenseTriage
CognniIncidentsWorkbook 📦 Cognni
CognniIncidentsWorkbook 🔗 GitHub Only
ConditionalAccessSISM 📦 Microsoft Entra ID
ConditionalAccessTrendsandChanges 🔗 GitHub Only
ContinuousDiagnostics&Mitigation 📦 ContinuousDiagnostics&Mitigation
ContrastADR_Command_Injection_Workbook 📦 ContrastADR
ContrastADR_Cross_Site_Scripting_Workbook 📦 ContrastADR
ContrastADR_Expression_Language_Injection_Workbook 📦 ContrastADR
ContrastADR_HTTP_Method_Tampering_Workbook 📦 ContrastADR
ContrastADR_JNDI_Injection_Workbook 📦 ContrastADR
ContrastADR_Path_Traversal_Workbook 📦 ContrastADR
ContrastADR_SQL_Injection_Workbook 📦 ContrastADR
ContrastADR_Untrusted_Deserialization_Workbook 📦 ContrastADR
ContrastADR_XML External_Entity_Injection_Injection_Workbook 📦 ContrastADR
ContrastProtect 📦 Contrast Protect
CopilotforSecurityMonitoring 🔗 GitHub Only
Corelight 📦 Corelight
Corelight_Alert_Aggregations 📦 Corelight
Corelight_AWS_VPC_Flow 📦 Corelight
Corelight_Data_Explorer 📦 Corelight
Corelight_Security_Workflow 📦 Corelight
Corelight_Sensor_Overview 📦 Corelight
CPEMAlertOverview 📦 Check Point Cyberint Alerts
CriblWorkbook 🔗 GitHub Only
CrowdStrikeFalconEndpointProtection 📦 CrowdStrike Falcon Endpoint Protection
CTERA_Workbook 📦 CTERA
CyberArkEPM 📦 CyberArkEPM
CyberArkEPV 📦 CyberArk Privilege Access Manager (PAM) Events
CyberArkEPV 🔗 GitHub Only
CyberpionOverviewWorkbook 🔗 GitHub Only
CybersecurityMaturityModelCertification_CMMCV2 📦 CybersecurityMaturityModelCertification(CMMC)2.0
CybleVisionAlertsWorkbook 📦 Cyble Vision
Cyjax 📦 Cyjax
CynerioOverviewWorkbook 📦 Cynerio
CyrenThreatIntelligenceDashboard 📦 CyrenThreatIntelligence

D

Name Source
DarktraceWorkbook 📦 Darktrace
Data_Latency_Workbook 🔗 GitHub Only
DataCollectionHealthMonitoring 🔗 GitHub Only
DataminrPulseAlerts 📦 Dataminr Pulse
DCR-Toolkit 🔗 GitHub Only
DefendMetrics 📦 Egress Defend
DelineaWorkbook 📦 Delinea Secret Server
DelineaWorkbook 🔗 GitHub Only
DigitalGuardian 📦 Digital Guardian Data Loss Prevention
DigitalShadows 📦 Digital Shadows
Dns 📦 Windows Server DNS
Dns 🔗 GitHub Only
DNSSolutionWorkbook 📦 DNS Essentials
DoDZeroTrustWorkbook 🔗 GitHub Only
Doppel 📦 Doppel
DORACompliance 📦 DORA Compliance
DPDPCompliance 📦 DPDP Compliance
DSTIMWorkbook 🔗 GitHub Only
DuoSecurity 🔗 GitHub Only
Dynamics365Activity 📦 Microsoft Business Applications
DynamicThreatModeling&Response 📦 ThreatAnalysis&Response
Dynatrace 📦 Dynatrace

E

Name Source
EatonForeseerHealthAndAccess 📦 EatonForeseer
ESETPROTECT 📦 ESETPROTECT
esetSMCWorkbook 📦 Eset Security Management Center
esetSMCWorkbook 🔗 GitHub Only
EventAnalyzer 📦 Windows Security Events
EventAnalyzer 🔗 GitHub Only
ExchangeCompromiseHunting 🔗 GitHub Only
ExchangeOnline 📦 Microsoft 365
ExchangeOnline 🔗 GitHub Only
ExtraHopDetectionsOverview 📦 ExtraHop
ExtraHopDetectionSummary 📦 ExtraHop Reveal(x)
ExtraHopDetectionSummary 🔗 GitHub Only
eyeInspectOTSecurityWorkbook 📦 Forescout eyeInspect for OT Security

F

Name Source
F5BIGIPSystemMetrics 📦 F5 Big-IP
F5BIGIPSystemMetrics 🔗 GitHub Only
F5Networks 📦 F5 Big-IP
F5Networks 🔗 GitHub Only
FlareSystemsFireworkOverview 📦 Flare
ForcepointCASB 📦 Forcepoint CASB
ForcepointCASB 🔗 GitHub Only
ForcepointCloudSecuirtyGateway 📦 Forcepoint CSG
ForcepointCloudSecuirtyGatewayworkbook 🔗 GitHub Only
ForcepointDLP 📦 Forcepoint DLP
ForcepointDLP 🔗 GitHub Only
ForcepointNGFW 📦 Forcepoint NGFW
ForcepointNGFW 🔗 GitHub Only
ForcepointNGFWAdvanced 📦 Forcepoint NGFW
ForcepointNGFWAdvanced 🔗 GitHub Only
ForescoutHostPropertyMonitorWorkbook 📦 ForescoutHostPropertyMonitor
Fortigate 📦 Fortinet FortiGate Next-Generation Firewall connector for Microsoft Sentinel
Fortigate 🔗 GitHub Only
FortinetFortiNdrCloudWorkbook 📦 Fortinet FortiNDR Cloud
Fortiweb-workbook 📦 Fortinet FortiWeb Cloud WAF-as-a-Service connector for Microsoft Sentinel

G

Name Source
GCP_IAM 📦 GoogleCloudPlatformIAM
GCPDNS 📦 GoogleCloudPlatformDNS
GDPRComplianceAndDataSecurity 📦 GDPR Compliance & Data Security
Gigamon 📦 Gigamon Connector
GitHub 📦 GitHub
GitHubAdvancedSecurity 📦 GitHub
GitHubSecurityWorkbook 🔗 GitHub Only
GoogleWorkspace 📦 GoogleWorkspaceReports
GreyNoiseOverview 📦 GreyNoiseThreatIntelligence
GSAM365EnrichedEvents 📦 Global Secure Access
GSAMCPInsights 📦 Global Secure Access
GSANetworkTraffic 📦 Global Secure Access
GuardianDashboard 📦 AIShield AI Security Monitoring

H

Name Source
HIPAACompliance 📦 HIPAA Compliance

I

Name Source
ibossMalwareAndC2 📦 iboss
ibossWebUsage 📦 iboss
IdentityAndAccess 📦 Windows Security Events
IdentityAndAccess 🔗 GitHub Only
IllumioAuditableEvents 📦 IllumioSaaS
IllumioFlowData 📦 IllumioSaaS
IllumioOnPremHealth 📦 IllumioSaaS
IllumioWorkloadsStats 📦 IllumioSaaS
IllusiveADS 📦 Illusive Platform
IllusiveADS 🔗 GitHub Only
IllusiveASM 📦 Illusive Platform
IllusiveASM 🔗 GitHub Only
Imperva WAF Cloud Overview 📦 ImpervaCloudWAF
IncidentOverview ⚠️ 📦 SentinelSOARessentials
IncidentOverview 📦 SOC Handbook
IncidentOverview 🔗 GitHub Only
IncidentTasksWorkbook 📦 SentinelSOARessentials
IncidentTasksWorkbook 🔗 GitHub Only
Infoblox-Workbook-V2 📦 Infoblox NIOS
Infoblox_Lookup_Workbook 📦 Infoblox
Infoblox_Workbook 📦 Infoblox
InfobloxCDCB1TDWorkbook 📦 Infoblox Cloud Data Connector
InfobloxNIOS 🔗 GitHub Only
InfobloxSOCInsightsWorkbook 📦 Infoblox SOC Insights
InfoSecGlobal 📦 AgileSec Analytics Connector
InsecureProtocols 🔗 GitHub Only
InsiderRiskManagement 📦 MicrosoftPurviewInsiderRiskManagement
IntrotoKQL 📦 KQL Training
IntrotoKQL 🔗 GitHub Only
IntsightsIOCWorkbook 📦 SOC Handbook
IntsightsIOCWorkbook 🔗 GitHub Only
InvestigationInsights 📦 SOC Handbook
InvestigationInsights 🔗 GitHub Only
IONIXOverviewWorkbook 📦 IONIX
IOT_Alerts 🔗 GitHub Only
IoTAssetDiscovery 🔗 GitHub Only
IoTOTThreatMonitoringwithDefenderforIoT 📦 IoTOTThreatMonitoringwithDefenderforIoT
IronDefenseAlertDashboard 📦 IronNet IronDefense
IronDefenseAlertDetails 📦 IronNet IronDefense
IslandAdminAuditOverview 📦 Island
IslandUserActivityOverview 📦 Island

J

Name Source
JamfProtectDashboard 📦 Jamf Protect

K

Name Source
KeeperSecurityDashboard 📦 Keeper Security
KeeperSecurityDashboard 🔗 GitHub Only
KnowBe4DefendMetrics 📦 KnowBe4 Defend

L

Name Source
LastPassWorkbook 📦 Lastpass Enterprise Activity Monitoring
LinuxMachines 📦 Syslog
LinuxMachines 🔗 GitHub Only
Log4jImpactAssessment 📦 Apache Log4j Vulnerability Detection
Log4jPostCompromiseHunting 📦 Apache Log4j Vulnerability Detection
Log4jPostCompromiseHunting 🔗 GitHub Only
LogAnalyticsQueryAnalysis 🔗 GitHub Only
LogSourcesAndAnalyticRulesCoverage 🔗 GitHub Only
LookoutEvents 📦 Lookout
LookoutEventsV2 📦 Lookout
LookoutExecutiveDashboard 📦 Lookout
LookoutIOAInvestigationDashboard 📦 Lookout
LookoutSecurityInvestigationDashboard 📦 Lookout
Lumen-Threat-Feed-Overview 📦 Lumen Defender Threat Feed

M

Name Source
M365SecurityPosture 🔗 GitHub Only
MailGuard365Dashboard ⚠️ 📦 MailGuard 365
MalwareProtectionEssentialsWorkbook 📦 Malware Protection Essentials
ManualSentinelIncident 🔗 GitHub Only
MaturityModelForEventLogManagement_M2131 📦 MaturityModelForEventLogManagementM2131
McAfeeePOOverview 📦 McAfee ePolicy Orchestrator
Microsoft Exchange Admin Activity 📦 Microsoft Exchange Security - Exchange On-Premises
Microsoft Exchange Admin Activity - Online 📦 Microsoft Exchange Security - Exchange Online
Microsoft Exchange Least Privilege with RBAC 📦 Microsoft Exchange Security - Exchange On-Premises
Microsoft Exchange Least Privilege with RBAC - Online 📦 Microsoft Exchange Security - Exchange Online
Microsoft Exchange Search AdminAuditLog 📦 Microsoft Exchange Security - Exchange On-Premises
Microsoft Exchange Search AdminAuditLog - Online 📦 Microsoft Exchange Security - Exchange Online
Microsoft Exchange Security Review 📦 Microsoft Exchange Security - Exchange On-Premises
Microsoft Exchange Security Review - Online 📦 Microsoft Exchange Security - Exchange Online
MicrosoftCloudAppSecurity 📦 Microsoft Defender for Cloud Apps
MicrosoftCloudAppSecurity 🔗 GitHub Only
MicrosoftCopilotActivityMonitoring 📦 Microsoft Copilot
MicrosoftCopilotActivityMonitoring 🔗 GitHub Only
MicrosoftDefenderForEndPoint 📦 Microsoft Defender XDR
MicrosoftDefenderForEndPoint 🔗 GitHub Only
MicrosoftDefenderForIdentity 📦 Microsoft Defender XDR
microsoftdefenderforidentity 🔗 GitHub Only
MicrosoftDefenderForOffice365 📦 Microsoft Defender for Office 365
MicrosoftDefenderForOffice365 🔗 GitHub Only
MicrosoftDefenderForOffice365detectionsandinsights 📦 Microsoft Defender XDR
MicrosoftGraphActivityLogs 🔗 GitHub Only
MicrosoftPowerBIActivityWorkbook 📦 Microsoft PowerBI
MicrosoftPurview 📦 Microsoft Purview
MicrosoftPurviewInformationProtection 🔗 GitHub Only
MicrosoftSentinelCostEUR 🔗 GitHub Only
MicrosoftSentinelCostGBP 🔗 GitHub Only
MicrosoftSentinelDeploymentandMigrationTracker 🔗 GitHub Only
MicrosoftTeams 📦 Teams
MicrosoftTeams 🔗 GitHub Only
MicrosoftThreatIntelligence 📦 Microsoft Defender Threat Intelligence
Mimecast_Audit_Workbook 📦 Mimecast
Mimecast_Awareness_Training_Workbook 📦 Mimecast
Mimecast_Cloud_Integrated_Workbook 📦 Mimecast
Mimecast_SEG_Workbook 📦 Mimecast
Mimecast_TTP_Workbook 📦 Mimecast
MimecastAudit 📦 MimecastAudit
MimecastSEGworkbook 📦 MimecastSEG
MimecastTIRegional 📦 MimecastTIRegional
MimecastTTPWorkbook 📦 MimecastTTP
MITREAttack 📦 SOC Handbook
MITREAttack 🔗 GitHub Only

N

Name Source
NetCleanProActiveWorkbook 📦 NetClean ProActive
NetskopeCCFWebtxDashboard 📦 Netskopev2
NetskopeCCPDashboard 📦 Netskopev2
NetskopeCEDashboard 📦 Netskopev2
NetskopeDashboard 📦 Netskopev2
NetskopeEvents 📦 Netskope
NetskopeEvents 🔗 GitHub Only
NetskopeWebTx_Workbook 📦 NetskopeWebTx
NetskopeWebTx_Workbook 🔗 GitHub Only
NetworkSessionEssentials 📦 Network Session Essentials
NetworkSessionEssentialsV2 📦 Network Session Essentials
NGINX 📦 NGINX HTTP Server
NISTSP80053 📦 NISTSP80053
NordPass 📦 NordPass
NordPass 🔗 GitHub Only
NormalizedNetworkEvents 🔗 GitHub Only
NSSAuditLogs 📦 Zscaler Internet Access
NSSCASBActivityLogs 📦 Zscaler Internet Access
NSSCASBCloudStorageLogs 📦 Zscaler Internet Access
NSSCASBCollabLogs 📦 Zscaler Internet Access
NSSCASBCRMLogs 📦 Zscaler Internet Access
NSSCASBEmail 📦 Zscaler Internet Access
NSSCASBFileSharingLogs 📦 Zscaler Internet Access
NSSCASBITSMLogs 📦 Zscaler Internet Access
NSSCASBRepoLogs 📦 Zscaler Internet Access
NSSDNSLogs 📦 Zscaler Internet Access
NSSEmailDLPLogs 📦 Zscaler Internet Access
NSSEndpointDLPLogs 📦 Zscaler Internet Access
NSSFWLogs 📦 Zscaler Internet Access
NSSTunnelLogs 📦 Zscaler Internet Access
NSSWebLogsOffice365 📦 Zscaler Internet Access
NSSWebLogsOverview 📦 Zscaler Internet Access
NSSWebLogsThreats 📦 Zscaler Internet Access
NucleusCyber_NCProtect_Workbook 📦 NC Protect Data Connector

O

Name Source
Office365 📦 Microsoft 365
Office365 🔗 GitHub Only
OktaSingleSignOn 📦 Okta Single Sign-On
OnapsisAlarmsOverview 📦 Onapsis Platform
OnapsisAlarmsOverview 🔗 GitHub Only
OneIdentity 📦 OneIdentity
OneIdentity 🔗 GitHub Only
OptimizationWorkbook 🔗 GitHub Only
OracleCloudInfrastructureOCI 📦 Oracle Cloud Infrastructure
OracleDatabaseAudit 📦 OracleDatabaseAudit
OracleWorkbook 📦 OracleWebLogicServer
OrcaAlerts 📦 Orca Security Alerts
OrcaAlerts 🔗 GitHub Only

P

Name Source
PaloAltoCDL 📦 PaloAltoCDL
PaloAltoNetworkThreat 📦 PaloAlto-PAN-OS
PaloAltoNetworkThreat 🔗 GitHub Only
PaloAltoOverview 📦 PaloAlto-PAN-OS
PaloAltoOverview 🔗 GitHub Only
PaloAltoPrismaCloudOverview 📦 PaloAltoPrismaCloud
PaloAltoXDR ⚠️ 📦 Palo Alto - XDR (Cortex)
PCIDSSCompliance 📦 PCI DSS Compliance
Perimeter81OverviewWorkbook 📦 Perimeter 81
Perimeter81OverviewWorkbook 🔗 GitHub Only
pfsense 🔗 GitHub Only
PhishingAnalysis 🔗 GitHub Only
PingFederate 📦 PingFederate
PlaybookHealth 🔗 GitHub Only
PrancerSentinelAnalytics ⚠️ 📦 Prancer PenSuiteAI Integration
PrancerSentinelAnalytics 🔗 GitHub Only
PreventWorkbook 📦 Egress Iris
ProofpointPOD 📦 Proofpoint On demand(POD) Email Security
ProofpointPOD 🔗 GitHub Only
ProofpointTAP 📦 ProofPointTap
ProofpointTAP 🔗 GitHub Only
ProofPointThreatDashboard 🔗 GitHub Only
PulseConnectSecure 📦 Pulse Connect Secure
PulseConnectSecure 🔗 GitHub Only

Q

Name Source
QscoutDashboards 📦 Quokka
QualysVM 🔗 GitHub Only
QualysVMv2 📦 QualysVM
QualysVMv2 🔗 GitHub Only

R

Name Source
RecordedFutureAlertOverview 📦 Recorded Future
RecordedFutureDomainCorrelation 📦 Recorded Future
RecordedFutureHashCorrelation 📦 Recorded Future
RecordedFutureIPCorrelation 📦 Recorded Future
RecordedFutureMalwareThreatHunting 📦 Recorded Future
RecordedFuturePlaybookAlertOverview 📦 Recorded Future
RecordedFutureThreatActorHunting 📦 Recorded Future
RecordedFutureURLCorrelation 📦 Recorded Future
ReversingLabs-CapabilitiesOverview 📦 ReversingLabs

S

Name Source
SalemDashboard 📦 SalemCyber
SalesforceServiceCloud 📦 Salesforce Service Cloud
SamsungKnoxAssetIntelligence 📦 Samsung Knox Asset Intelligence
SamsungKnoxAssetIntelligence 🔗 GitHub Only
SAPBTPActivity 📦 SAP BTP
SAPLogServObserve 📦 SAP LogServ
SecurityBridgeThreatDetectionforSAP 📦 SecurityBridge App
SecurityOperationsEfficiency 📦 SentinelSOARessentials
SecurityOperationsEfficiency 📦 SOC Handbook
SecurityOperationsEfficiency 🔗 GitHub Only
SecurityScorecardWorkbook 📦 SecurityScorecard Cybersecurity Ratings
SecurityStatus 📦 SOC Handbook
SecurityStatus 🔗 GitHub Only
SemperisDSPADChanges 📦 Semperis Directory Services Protector
SemperisDSPNotifications 📦 Semperis Directory Services Protector
SemperisDSPQuickviewDashboard 📦 Semperis Directory Services Protector
SemperisDSPSecurityIndicators 📦 Semperis Directory Services Protector
SemperisDSPWorkbook ⚠️ 📦 Semperis Directory Services Protector
SenservaProAnalyticsWorkbook 📦 SenservaPro
SenservaProMultipleWorkspaceWorkbook 📦 SenservaPro
SenservaProSecureScoreMultiTenantWorkbook 📦 SenservaPro
SensitiveOperationsinAzureActivityLogReview 🔗 GitHub Only
Sentinel_Central 🔗 GitHub Only
SentinelCentral 📦 SOC Handbook
SentinelCosts 🔗 GitHub Only
SentinelHealth 🔗 GitHub Only
SentinelOne 📦 SentinelOne
SentinelWorkspaceReconTools 🔗 GitHub Only
SharePointAndOneDrive 📦 Microsoft 365
SharePointAndOneDrive 🔗 GitHub Only
SilverfortWorkbook 📦 Silverfort
SlackAudit 📦 SlackAudit
Snowflake 📦 Snowflake
SOCIRPlanning 📦 SOC-Process-Framework
SOCProcessFramework 📦 SOC-Process-Framework
SOCProcessFramework 🔗 GitHub Only
SOCRadar-Dashboard 📦 SOCRadar
SolarWindsPostCompromiseHunting 🔗 GitHub Only
SonicWallFirewall 📦 SonicWall Firewall
SonicWallFirewall 🔗 GitHub Only
Sonrai 📦 SonraiSecurity
SophosXGFirewall 📦 Sophos XG Firewall
SophosXGFirewall 🔗 GitHub Only
SOXITCompliance 📦 SOX IT Compliance
SquadraTechnologiesSecRMM 🔗 GitHub Only
SummaryRulesWorkbook 🔗 GitHub Only
SymantecEndpointProtection 📦 Symantec Endpoint Protection
SymantecProxySG 📦 SymantecProxySG
SymantecProxySG 🔗 GitHub Only
SymantecVIP 📦 Symantec VIP
SymantecVIP 🔗 GitHub Only
Syslog-Bifurcation 🔗 GitHub Only
SyslogConnectorsOverviewWorkbook 📦 Syslog
syslogoverview 🔗 GitHub Only
SysmonThreatHunting 🔗 GitHub Only

T

Name Source
TacitRedSecOpsWorkbook 📦 TacitRedThreatIntelligence
TalonInsights 📦 Talon
TalonInsights 🔗 GitHub Only
TaniumWorkbook 📦 Tanium
TeamCymruScout 📦 Team Cymru Scout
TenableAdIoA ⚠️ 📦 TenableAD
TenableAdIoE ⚠️ 📦 TenableAD
TenableIEIoA 📦 Tenable App
TenableIEIoE 📦 Tenable App
Theom 📦 Theom
ThreatAnalysis&Response 📦 ThreatAnalysis&Response
ThreatConnectOverview 📦 ThreatConnect
ThreatIntelligence 📦 Threat Intelligence
ThreatIntelligence 🔗 GitHub Only
ThreatIntelligenceNew 📦 Threat Intelligence (NEW)
Tomcat 📦 Tomcat
TrendMicroApexOne 📦 Trend Micro Apex One
TrendMicroCAS 📦 Trend Micro Cloud App Security
TrendMicroDeepSecurityAttackActivity 📦 Trend Micro Deep Security
TrendMicroDeepSecurityAttackActivity 🔗 GitHub Only
TrendMicroDeepSecurityOverview 📦 Trend Micro Deep Security
TrendMicroDeepSecurityOverview 🔗 GitHub Only
TrendMicroXDROverview 📦 Trend Micro Vision One
TrendMicroXDROverview 🔗 GitHub Only

U

Name Source
Ubiquiti 📦 Ubiquiti UniFi
UEBABehaviorsAnalysisWorkbook 📦 UEBA Essentials
UnifiSG 🔗 GitHub Only
UnifiSGNetflow 🔗 GitHub Only
UpdateSOCMaturityScore 📦 SOC-Process-Framework
usecasemapper 🔗 GitHub Only
User_Analytics_Workbook 🔗 GitHub Only
UserEntityBehaviorAnalytics 🔗 GitHub Only
UserMap 🔗 GitHub Only

V

Name Source
VaikoraAgentSignalsDashboard 📦 Vaikora-Sentinel
ValenceAlertsWorkbook 📦 Valence Security
vArmour_AppContoller_Workbook 📦 vArmour Application Controller
VaronisSaaS 📦 VaronisSaaS
vCenter 📦 VMware vCenter
VectraXDR 📦 Vectra XDR
VeeamDataPlatformMonitoring 📦 Veeam
VeeamDataPlatformMonitoring 🔗 GitHub Only
VeeamSecurityActivites 🔗 GitHub Only
VeeamSecurityActivities 📦 Veeam
VeeamSecurityActivities 🔗 GitHub Only
VirtualMachinesInsights 🔗 GitHub Only
VisualizationDemo 🔗 GitHub Only
VMwareCarbonBlack 📦 VMware Carbon Black Cloud
VMWareESXi 📦 VMWareESXi
VMwareSASESOCDashboard 📦 VMware SASE
Votiro Monitoring Dashboard 📦 Votiro
VTI_IOC_Feed 📦 Visa Threat Intelligence (VTI)

W

Name Source
WatchGuardFireboxWorkbook 🔗 GitHub Only
WebApplicationFirewallFirewallEvents 📦 Azure Web Application Firewall (WAF)
WebApplicationFirewallFirewallEvents 🔗 GitHub Only
WebApplicationFirewallGatewayAccessEvents 📦 Azure Web Application Firewall (WAF)
WebApplicationFirewallGatewayAccessEvents 🔗 GitHub Only
WebApplicationFirewallOverview 📦 Azure Web Application Firewall (WAF)
WebApplicationFirewallOverview 🔗 GitHub Only
WebApplicationFirewallWAFTypeEvents 📦 Azure Web Application Firewall (WAF)
WebApplicationFirewallWAFTypeEvents 🔗 GitHub Only
WebSessionEssentials 📦 Web Session Essentials
WindowsAuditChecker 🔗 GitHub Only
WindowsFirewall 📦 Windows Firewall
WindowsFirewall 🔗 GitHub Only
WindowsFirewallViaAMA 🔗 GitHub Only
WithSecureTopComputersByInfections 📦 WithSecureElementsViaFunction
WithSecureTopComputersByInfections 🔗 GitHub Only
WizFindings 📦 Wiz
Workbook-AzureSQLSecurity 📦 Azure SQL Database solution for sentinel
workbooksMetadata ⚠️ 📦 Semperis Directory Services Protector
WorkspaceAuditing 🔗 GitHub Only
WorkspaceUsage 🔗 GitHub Only

Z

Name Source
ZeroTrustStrategyWorkbook 🔗 GitHub Only
ZeroTrustTIC3 📦 ZeroTrust(TIC3.0)
ZimperiumWorkbooks 📦 Zimperium Mobile Threat Defense
ZimperiumWorkbooks 🔗 GitHub Only
ZNSegmentAudit 📦 ZeroNetworks
ZoomReports 📦 ZoomReports
ZscalerFirewall 🔗 GitHub Only
ZscalerOffice365Apps 🔗 GitHub Only
ZscalerThreats 🔗 GitHub Only
ZscalerWebOverview 🔗 GitHub Only
ZscalerZPA 📦 Zscaler Private Access (ZPA)

⚠️ Items marked with ⚠️ are not listed in their Solution JSON file. They were discovered by scanning solution folders.

