Query Details
Heartbeat Last Heartbeats
Query
let query_period = 24h; Heartbeat | where TimeGenerated > ago(query_period) | summarize arg_max(TimeGenerated, *) by Category, VMUUID, SourceComputerId | sort by Computer asc, VMUUID asc, Category asc, SourceComputerId asc | project-reorder Category, TimeGenerated, Computer, ComputerIP, ComputerPrivateIPs
Explanation
This query retrieves the latest heartbeat information for each category, VMUUID, and source computer within the last 24 hours. It then sorts the results by computer name, VMUUID, category, and source computer ID. Finally, it selects and reorders the columns to display the category, time generated, computer name, computer IP, and computer private IPs.
Details
Jose Sebastián Canós
Released: October 17, 2022
Tables
Heartbeat
Keywords
Heartbeat,TimeGenerated,Category,VMUUID,SourceComputerId,Computer,ComputerIP,ComputerPrivateIPs
Operators
wheresummarizearg_maxbysortproject-reorder