SIEM Query Builder
Status: unreviewed
Generates optimized SIEM queries from natural language threat descriptions.
Author: detection-engineering
Category: skill
Framework: Claude Code SKILL
License: MIT
Added: Apr 3, 2026
Integrations: Splunk, Microsoft Sentinel
Tags: detection, SIEM, threat-hunting
Describe a threat scenario in plain English and this SKILL generates optimized SPL (Splunk) or KQL (Sentinel) queries. Supports correlation rules, scheduled searches, and alert thresholds.