Update WAF_log4j_vulnerability.yaml

Adding Category field to the summarize statement.
2021-12-13 08:52:20 -08:00 · 2021-12-13 08:52:20 -08:00 · 7b7d73ea43
--- a/Queries/AzureDiagnostics/WAF_log4j_vulnerability.yaml
+++ b/Queries/AzureDiagnostics/WAF_log4j_vulnerability.yaml
@ -24,7 +24,7 @@ query: |
  | extend CmdLine = iff(originalRequestUriWithArgs_s has 'Base64/', split(split(originalRequestUriWithArgs_s, "Base64/",1)[0], "}", 0)[0], split(split(userAgent_s, "Base64/",1)[0], "}", 0)[0])
  | extend CmdLine = base64_decode_tostring(tostring(CmdLine))
  | where CmdLine has_any ("wget","curl")
-  | summarize Total = count() by originalRequestUriWithArgs_s, userAgent_s, clientIP_s,clientPort_d, TimeGenerated, host_s, requestUri_s, httpStatus_d,listenerName_s, CmdLine, httpMethod_s
+  | summarize Total = count() by originalRequestUriWithArgs_s, userAgent_s, clientIP_s,clientPort_d, TimeGenerated, host_s, requestUri_s, httpStatus_d,listenerName_s, CmdLine, httpMethod_s, Category
  | extend IPCustomEntity = clientIP_s, timestamp = TimeGenerated
 entityMappings: 
 - entityType: IP