Jun 10 2018
01:31 AM
- last edited on
Apr 07 2022
05:11 PM
by
TechCommunityAP
Jun 10 2018
01:31 AM
- last edited on
Apr 07 2022
05:11 PM
by
TechCommunityAP
Hello, i am trying to get
SecurityAlert | where AlertName == "Leaked credentials" and join it with OfficeActivity and select the columns i need etc..
I assume the join can be made on the UserID, which needs to be expanded or extracted our of the
Your post has been changed because invalid HTML was found in the message body. The invalid HTML has been removed. Please review the message and submit the message when you are satisfied.
Jun 12 2018 07:46 AM
Hi,
The syntax seems ok, can you explain what's not working?
Thanks,
Noa