Query Details
Show Application Hangs
Query
Use Case: Monitoring application hang events in Windows systems over the past 7 days.
Query:
WindowsEvent('Application', 7d)
| where tostring(EventId) == '1002'Explanation
The query is looking for application hang events in Windows systems that have occurred in the past 7 days. It filters the events to only include those with an EventId of 1002.
Details
Ugur Koc
Released: February 4, 2024
Tables
WindowsEvent
Keywords
WindowsEvent,Application,7d,EventId,1002
Operators
WindowsEventwheretostring==