Query Details
Isempty
Query
SecurityAlert | where isempty(ProviderName) | project AlertName, SourceComputerId, ProviderName
Explanation
This query is looking at a table called SecurityAlert and filtering out any rows where the ProviderName column is empty. It then selects and displays the AlertName, SourceComputerId, and ProviderName columns from the remaining rows.
Details
Rod Trent
Released: March 26, 2020
Tables
SecurityAlert
Keywords
SecurityAlert,ProviderName,AlertName,SourceComputerId
Operators
whereisemptyproject