Query Details
Visualization Outdated OS Used
Query
# Visualise the outdated Operating Systems used to connect to your cloud environment ### Defender For Endpoint ``` CloudAppEvents | where UserAgentTags contains "Outdated operating system" | summarize count() by OSPlatform | render piechart with(title="Outdated Operating Systems Used") ``` ### Sentinel ``` CloudAppEvents | where UserAgentTags contains "Outdated operating system" | summarize count() by OSPlatform | render piechart with(title="Outdated Operating Systems Used") ```
Explanation
The query is looking for outdated operating systems used to connect to the cloud environment. It uses the CloudAppEvents table and filters for UserAgentTags that contain "Outdated operating system". It then groups the results by OSPlatform and visualizes them in a pie chart with the title "Outdated Operating Systems Used". This query is used for both Defender For Endpoint and Sentinel.
Details
Bert-Jan Pals
Released: February 14, 2023
Tables
CloudAppEvents
Keywords
CloudAppEvents,UserAgentTags,Outdatedoperatingsystem,OSPlatform,render,piechart,title
Operators
wherecontainssummarizebyrender