Query Details
Active Users
Query
//Show you all active user accounts that have logged in within the last 7 days and have a level of 3 or higher SigninLogs | where TimeGenerated >= ago(7d) | where level >= 3 | project IPAddress, UserDisplayName, Level
Explanation
This query shows all user accounts that are currently active and have logged in within the last 7 days. Additionally, it filters the results to only include accounts with a level of 3 or higher. The query then projects the IP address, user display name, and level of these accounts.
Details
Rod Trent
Released: February 2, 2023
Tables
SigninLogs
Keywords
SigninLogs,TimeGenerated,ago,level,project,IPAddress,UserDisplayName
Operators
|where>=agoproject