Query Details

Security Incidents Created in Last Day

Query

SecurityIncident
// Records logged in the last 24 hours
| where TimeGenerated > ago(1d)
// Only records whose status is New
| where Status == "New"
// Columns to return
| project TimeGenerated, Title, Description, Severity, IncidentUrl

Explanation

This query returns security incidents with a status of New that were generated within the past day. For each one it retrieves the time the incident was generated, its title and description, its severity level, and the URL associated with the incident.
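The SecurityIncident table receives a new row each time an incident is created or updated, so the query above can return several rows for one incident, including incidents that have since left the New state. The following variant is an added example, not part of the original query: it keeps only the latest record per incident before testing the status, and uses the table's IncidentNumber and CreatedTime columns.

```kusto
// Added example: one row per incident, based on its most recent record.
SecurityIncident
| where TimeGenerated > ago(1d)
// Collapse the update history to the latest row for each incident.
| summarize arg_max(TimeGenerated, *) by IncidentNumber
// Test the status only after deduplication, so closed or active incidents drop out.
| where Status == "New"
// Keep incidents that were actually created inside the window.
| where CreatedTime > ago(1d)
| project CreatedTime, IncidentNumber, Title, Description, Severity, IncidentUrl
| sort by CreatedTime desc
```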

Details

Rod Trent

Released: April 28, 2022

Tables

SecurityIncident

Keywords

SecurityIncident, TimeGenerated, Status, New, Title, Description, Severity, IncidentUrl

Operators

where, >, ago, ==, project
