Query Details
Blue Screen Of Death
Query
Use Case: IT professionals monitoring system stability by identifying recent critical system errors logged as Event ID 1001 in Windows Event Viewer within the last 7 days.
Query:
WindowsEvent('System', 7d)
| where tostring(EventId) == '1001'Explanation
The query is looking for recent critical system errors with Event ID 1001 in the Windows Event Viewer within the last 7 days.
Details
Ugur Koc
Released: February 4, 2024
Tables
WindowsEvent
Keywords
WindowsEvent,System,EventId
Operators
|wheretostring==