https://techcommunity.microsoft.com/discussions/microsoftsentinel/kql-query-for-distinct-values/2224298
kql query for distinct values | Microsoft Community Hub
Hi there,I'm trying to query all computers that match 2 or more DISTINCT DisplayName fields.I can get the distinct count:SecurityAlert| where ProductName...
kql querydistinctvaluesmicrosoftcommunity
https://techcommunity.microsoft.com/discussions/microsoftsentinel/kql-query-to-see-log-usage/2466256
KQL query to see log usage | Microsoft Community Hub
We have on boarded various logsources through logstash from on premise into sentinel.However we are wondering if there is a possibility to get insights into...
kql queryto seelogusagemicrosoft
https://techcommunity.microsoft.com/discussions/microsoftsentinel/kql-query-for-match-ioc-from-watchlist/4014160
KQL Query for Match IoC from WatchList | Microsoft Community Hub
Hi All, I would like to create a Watchlist for Hashes, URLs, Domains and IPs. After that i would like to create a KQL query to search the...
kql querymatchiocwatchlistmicrosoft
https://www.kqlsearch.com/query/GetAsyncKeyStateApiCallQuery&clz5ey3bp00025ii0oxua1hdv
Get Async Key State Api Call Query | KQL Search
KQL Query: Get Async Key State Api Call Query
state apigetasynckeycall
https://www.kqlsearch.com/query/Cisco_Umbrella_dns_CL-Monitored%20category%20DNS%20query%20-%20Reprehensible&clmo1hi5l003omc0jqshzddiv
Cisco Umbrella Dns CL Monitored Category DNS Query Reprehensible | KQL Search
KQL Query: Cisco Umbrella Dns CL Monitored Category DNS Query Reprehensible
cisco umbrella dnsclmonitoredcategoryquery
https://www.kqlsearch.com/query/CreateAndQuery&clsx9ybnx00gtmc0pcoaxa0kb
Create And Query | KQL Search
KQL Query: Create And Query
createquerykqlsearch