Forum Discussion
Haim Goldshtein
Microsoft
MicrosoftPalo Alto Networks and WDATP ad-hoc integration
Integrate your Palo Alto Networks firewall alerts directly into WDATP machine timeline and alert queue
5 Minutes
Low complexity
Firewall and IPS/IDS are common tools in every or...
The API Queries in the script need to be modified before this script will work. Microsoft has changed the scheme and the script does not reflect those changes.
This article highlights the changes, Advanced hunting data schema changes - Microsoft Tech Community
What you need to modify in the script is NetworkCommunicationEvents to DeviceNetworkEvents, MachineInfo to DeviceInfo and EventTime to Timestamp.
After you perform the modifications, the script will work.