Liongard Library

Welcome to Liongard Library, where Lions share! This is a community-led space where Liongard users can come to teach and learn from one another.
Share custom Metrics, get inspired and see what’s trending in the Pride.

Pride Etiquette:
➕ Have great custom Metrics? Add them as entries!
🌟 Want to use a Metric? Copy the query and follow this doc.
👍 Tried a Metric from the Library? Like it!
📣 Have a question or feedback on a Metric? Add a comment!
🔎 Not sure where to start? Learn about Metrics and how to write them.
💬 Need help writing a metric or want to help support others? Join the conversation in our Liongard Lounge #metrics slack channel.


🥴 See something off? Open a support chat to let us know.

ADD A NEW METRIC ENTRY

All Metric entries

Showing 917 of 917

Microsoft 365: Defender - ATP Protection Enabled

Metric Name: Microsoft 365: Defender - ATP Protection Enabled Category: Security Description: This metric evaluates whether Advanced Threat Protection (ATP) is enabled within Microsoft 365 Defender. It helps ensure that advanced threat prevention ...
Lamont Largie about 2 months ago in Microsoft 365 0

Azure Active Directory: Days Since Last AADC Sync

Counts the number of days since the last Azure Active Directory Connect (AADC) sync. Useful for determining if there is an issue as it should always be <1.
Robbie Kibler over 3 years ago in Azure Active Directory 6

M365: AAD App Secrets Expiring within 30 days

Looks for applications with expiring/expired secrets (within 30 days), then outputs the Application name, and the secrets associated that are expiring/expired.
Leland Shane over 1 year ago in Microsoft 365 0

ESET Licensing: License Overusage

This query is used to check for license overusage and reports it if there's license overusage.
Niels van Aert 2 months ago in ESET Licensing 0

Microsoft 365: SSO Certificate Expiring in 30 days

This will find any SSO certificates that are going to expire in 30 days or less.
Guest 5 months ago in Azure 0

Windows Server: AV/EDR - Sophos, Huntress, Defender Installed

Windows Server: Software Compliance - Sophos, Huntress, Defender Installed Category: Software Compliance Description: This metric pulls a list of all installed software from endpoints, specifically filtering for security-related software such as S...
Lamont Largie 3 months ago in Windows Server 0

Windows Workstation: Windows11 Compatible

This metric will assess whether your workstations are compatible with the upgrade to Windows 11.
De'Shard Brown 8 months ago in Windows Workstation 1

Fortigate: Show DeviceVersion, Current Firmware and Available Firmware

Patching devices is a critical component to CyberSecurity. Ensuring products are patched and updated, this metric shows you the current version and the available update with Fortigate version 7.x
Scott Davis almost 2 years ago in Fortinet FortiGate 0

JumpCloud: Users - MFA Status List

Lists all users and their MFA status including: Name Account Enabled or Disabled Account Locked (only shows if locked) MFA Configured or Off MFA Excluded (only shows if excluded)
Josh Archibald 3 months ago in JumpCloud 0

Windows Server: Excessive Failed Logon Alerts (Last 2 Weeks)

Metric Name: Windows Server: Windows Server: Excessive Failed Logon Alerts (Last 2 Weeks) Category: Windows Server Description: This metric is designed to identify and report on local account logon failures that exceed one attempt within the past ...
Lamont Largie 6 months ago in Windows Server 0