Checks for Squid proxy events associated with common mining pools. This query presumes that the default Squid log format is in use.
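The same check, sketched in Python over Squid's default (native) access.log format. This is an added example, not the query this page describes; the pool domains, sample log lines and function names are constructed placeholders.

```python
import re
from urllib.parse import urlsplit

# Hypothetical placeholder pool domains (constructed); substitute a maintained list.
MINING_POOL_DOMAINS = {"pool.example-miner.test", "xmr.example-pool.test"}

# Squid native access.log fields:
# time elapsed client result/status bytes method URL user hierarchy/peer mime
SQUID_LINE = re.compile(
    r"^(?P<ts>\d+\.\d+)\s+(?P<elapsed>\d+)\s+(?P<client>\S+)\s+"
    r"(?P<result>[^/\s]+)/(?P<status>\d+)\s+(?P<bytes>\d+)\s+"
    r"(?P<method>\S+)\s+(?P<url>\S+)\s+(?P<user>\S+)\s+"
    r"(?P<hier>[^/\s]+)/(?P<peer>\S+)\s+(?P<mime>\S+)\s*$"
)

def dest_host(method, url):
    """Return the lower-cased destination host from the Squid URL field."""
    if method == "CONNECT" or "://" not in url:
        url = "//" + url  # CONNECT is logged as host:port with no scheme
    return (urlsplit(url).hostname or "").rstrip(".").lower()

def is_pool(host):
    """Match a listed pool domain itself or any subdomain of it."""
    return any(host == d or host.endswith("." + d) for d in MINING_POOL_DOMAINS)

def find_mining_events(lines):
    """Return (client, host, squid_result) for each pool-bound request."""
    hits = []
    for line in lines:
        m = SQUID_LINE.match(line)
        if not m:
            continue  # not the default format: the line cannot be evaluated
        host = dest_host(m["method"], m["url"])
        if is_pool(host):
            hits.append((m["client"], host, m["result"]))
    return hits

# Constructed sample log lines (documentation address ranges, fake domains).
SAMPLE_LOG = [
    "1700000000.101    532 10.0.0.5 TCP_TUNNEL/200 3912 CONNECT pool.example-miner.test:3333 - HIER_DIRECT/203.0.113.10 -",
    "1700000001.202     88 10.0.0.7 TCP_MISS/200 1024 GET http://www.example.com/index.html - HIER_DIRECT/198.51.100.4 text/html",
    "1700000002.303     12 10.0.0.9 TCP_DENIED/403 350 GET http://eu.xmr.example-pool.test/stats - HIER_NONE/- text/html",
    "1700000003.404     40 10.0.0.5 TCP_MISS/200 900 GET http://notpool.example-miner.test.example.com/ - HIER_DIRECT/198.51.100.9 text/html",
    '10.0.0.8 - - [14/Nov/2023:22:13:24 +0000] "CONNECT pool.example-miner.test:3333 HTTP/1.1" 200 3912',
]

if __name__ == "__main__":
    for client, host, result in find_mining_events(SAMPLE_LOG):
        print(f"{client} -> {host} ({result})")
```

The last sample line uses a non-default log format and is silently skipped, which is the blind spot the format presumption above implies.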
MITRE ATT&CK Tactics
1. Traffic to known mining pools can be blocked through the use of network blacklists and whitelists.
2. Perform a full AV/AM scan of the internal machine.
3. Investigate in Azure Sentinel whether any lateral attacks were launched from the same entity (account or IP address).