Query Details

Agent - Same agent active across multiple projects

Agent Multi Project Activity

Query

let lookback = 1d;
AppDependencies
| where TimeGenerated > ago(lookback)
| where isnotempty(Properties["gen_ai.agent.name"])
| where isnotempty(Properties["microsoft.foundry.project.id"])
| extend
    Agent     = tostring(Properties["gen_ai.agent.name"]),
    ProjectId = tostring(Properties["microsoft.foundry.project.id"]),
    Model     = tostring(Properties["gen_ai.request.model"]),
    ConvId    = tostring(Properties["gen_ai.conversation.id"])
| summarize
    Projects        = make_set(ProjectId, 20),
    DistinctProjects = dcount(ProjectId),
    Conversations   = dcount(ConvId),
    Calls           = count(),
    Models          = make_set(Model, 10),
    FirstSeen       = min(TimeGenerated),
    LastSeen        = max(TimeGenerated)
    by Agent
| where DistinctProjects >= 2
| project
    LastSeen, Agent, DistinctProjects, Projects, Conversations,
    Calls, Models, FirstSeen
| order by DistinctProjects desc, Calls desc

Explanation

This query is designed to identify agents (specifically, Foundry/Agent Service agents) that are active across multiple projects within a specified time window (the past day). The goal is to detect agents that might be improperly shared or cloned across different projects, which could indicate a security risk such as unauthorized access or data exposure.

Here's a simplified breakdown of what the query does:

  1. Time Frame: It looks at data from the last day (lookback = 1d).

  2. Data Source: It examines the AppDependencies table, focusing on specific properties related to agents and projects.

  3. Filtering: It filters out records where the agent name and project ID are not empty.

  4. Data Extraction: It extracts and converts relevant properties into strings, such as agent name, project ID, model, and conversation ID.

  5. Aggregation: It summarizes the data by agent, calculating:

    • The set of project IDs the agent is associated with.
    • The number of distinct projects the agent is involved in.
    • The number of unique conversations and total calls.
    • The set of models used.
    • The first and last time the agent was seen.
  6. Condition: It filters for agents that are associated with two or more distinct projects.

  7. Output: It projects relevant information such as the last seen time, agent name, number of distinct projects, list of projects, number of conversations, total calls, models used, and first seen time.

  8. Sorting: It orders the results by the number of distinct projects and then by the number of calls, both in descending order.

The query is tagged with tactics and techniques related to lateral movement and discovery, indicating its use in identifying potential security threats.

Details

David Alonso profile picture

David Alonso

Released: June 8, 2026

Tables

AppDependencies

Keywords

AgentFoundryProjectPropertiesAppDependenciesTimeGeneratedModelConversation

Operators

letagowhereisnotemptyextendtostringsummarizemake_setdcountcountminmaxbyprojectorder bydesc

Tactics

LateralMovementDiscovery

MITRE Techniques

Actions

GitHub