Query Details
Overview Event Level Types For Windows Applications Events
Query
Author: Niklas Tinner (@NiklasTinner)
Use Case: Monitoring the frequency of application-level events on Windows systems by severity level over the past hour.
WindowsEvent('Application', 1h)
| summarize count() by LevelExplanation
This query is used to monitor the frequency of application-level events on Windows systems. It looks at events from the 'Application' log over the past hour and summarizes the count of events by their severity level.
Details
Ugur Koc
Released: February 4, 2024
Tables
WindowsEvent
Keywords
WindowsEvent,Application,Level
Operators
WindowsEventsummarizecount()by