Query Details
Author: Niklas Tinner (@NiklasTinner)
Use Case: Identifying security-related processes in a system log for further analysis or monitoring.

Process
| where ProcessName contains 'Defender' or ProcessName contains 'Sense' or ProcessName contains 'Security'
This query looks for security-related processes in a system log. It filters the Process table on the ProcessName column, keeping any process whose name contains 'Defender', 'Sense', or 'Security'. The purpose is to identify these processes for further analysis or monitoring.

Ugur Koc
Released: February 4, 2024