Delete Failed SQL Logons

2020-07-04 21:21:14 +05:30 · 2020-07-04 21:21:14 +05:30 · ac098bf69e
--- a/Queries/SQLServer/Failed
+++ b/Queries/SQLServer/Failed
@ -1,7 +0,0 @@
-// This detection query is based on the SQLEvent KQL Parser provided at https://github.com/Azure/Azure-Sentinel/tree/master/Parsers/SQLSever
-// Detailed blog post on Monitoring SQL Server with Azure Sentinel https://techcommunity.microsoft.com/t5/azure-sentinel/monitoring-sql-server-with-azure-sentinel/ba-p/1502960
-//
-//
-SQLEvent
-| where LogonResult has "failed"
-| summarize count() by CurrentUser, Reason