Query Details
Analytics Rules Runby Times
Query
SecurityAlert | where ProviderName contains "ASI" | summarize count() by DisplayName
Explanation
This query is looking at a dataset called SecurityAlert and filtering it to only include records where the ProviderName contains the letters "ASI". It then groups the remaining records by the DisplayName field and counts how many records are in each group.
Details
Rod Trent
Released: June 11, 2020
Tables
SecurityAlert
Keywords
SecurityAlert,ProviderName,ASI,DisplayName
Operators
wherecontainssummarizecount()by