KQL Search

Query Details

Timescope Query Parameters

Query

// 1 hour example
set query_datetimescope_column = "TimeGenerated";
// In case of using a Watchlist below these statements, comment the next line, "query_datetimescope_from"
set query_datetimescope_from = datetime(2022-10-24T10:54:50.128Z);
set query_datetimescope_to = datetime(2022-10-24T11:54:50.128Z);
set query_now = datetime(2022-10-24T11:54:50.128Z);
...

Explanation

The query is setting the time range for the data to be analyzed. It specifies the start and end times for the analysis and also sets the current time.

Details

Jose Sebastián Canós

Released: March 24, 2023

Tables

There is not enough information provided to determine the name of the table or tables that the query or queries use.

Keywords

Devices,Intune,User

Operators

datetimedatetimedatetime

KQL Search

Timescope Query Parameters

Query

Explanation

Details

Actions