Forum Discussion
How to combined query with same table.
Hi Guys, I am adding new column in CommonSecurity Table. But i am having issue in kql quey. Please help me. This is Palo alto related logs. As "cat" field is in both Threat and System. So it is g...
works for me, unless akshay was expecting another result.
(I don't have system logs coming in so an empty column is expected)
clive define for particular
| where AdditionalExtensions contains "cat="
that is not my requirement.
| where AdditionalExtensions contains "cat="
that is not my requirement.
- Just remove that line, it was there just to filter the records down in my testing, line 6 you may not want either. This was merely to show you the iif/iff command in use
