Defender Advanced Hunting Query App by GoAhead

API wrapper tool for Microsoft Defender Advanced Hunting. Advanced Hunting uses Kusto Query Language (KQL), and the KQL query is passed as kql="" to the "defkqlg" or "defkqls" custom search command. The defkqls StreamingCommand has a unique KQL converter that reduces the number of queries counted against the API quota limits. Developed by "Tatsuya Hasegawa" at 'GoAhead Inc'.

Latest Version 1.4.0
April 25, 2025
Compatibility
Splunk Enterprise, Splunk Cloud
Platform Version: 10.1, 10.0, 9.4, 9.3, 9.2, 9.1, 9.0
Rating

0

(0)

Support
Developer Supported addon
Ranking

#32

in Investigative
Enjoy deep dive hunting!

Categories

Endpoint, Investigative

Created By

GoAhead Dev Team

Type

addon

Downloads

740
