juliango2100 2019-08-16 17:33:38 -07:00 коммит произвёл GitHub
Родитель 7befd2ff04
Коммит 5129fd46a5
Не найден ключ, соответствующий данной подписи
Идентификатор ключа GPG: 4AEE18F83AFDEB23
1 изменённых файлов: 3 добавлений и 1 удалений


@ -72,4 +72,6 @@ Results | join kind= inner (
| project TimeGenerated, EventID, Computer, SubjectUserSid, Account, AccountType, Process, NewProcessName, CommandLine, ParentProcessName | project TimeGenerated, EventID, Computer, SubjectUserSid, Account, AccountType, Process, NewProcessName, CommandLine, ParentProcessName
) on Computer, Process ) on Computer, Process
| project TimeGenerated, EventID, Computer, SubjectUserSid, Account, Weight, ProcessEntropy, Process, NewProcessName, CommandLine, ParentProcessName, TotalProcessCountOnHost, ProcessCountOnHost, DistinctComputersWithProcessCount | project TimeGenerated, EventID, Computer, SubjectUserSid, Account, Weight, ProcessEntropy, Process, NewProcessName, CommandLine, ParentProcessName, TotalProcessCountOnHost, ProcessCountOnHost, DistinctComputersWithProcessCount
| sort by Weight asc, ProcessEntropy asc, NewProcessName asc | sort by Weight asc, ProcessEntropy asc, NewProcessName asc
| extend HostCustomEntity = Computer
| extend AccountCustomEntity = Account
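Review bot: The two `extend` lines added at the end of the query have no comment saying why `Computer` and `Account` are duplicated into new columns, so a later cleanup could drop them as redundant. A one-line comment above them would help, for example `// Entity columns, presumably read by entity mapping; keep the names unchanged`. The pair can also be written as a single statement, `| extend HostCustomEntity = Computer, AccountCustomEntity = Account`. `AccountType` is projected alongside `Account`, so rows for machine accounts may be mapped as account entities too. The query starts above this hunk, so whether those rows are filtered out earlier is not visible here.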