@tipper1510 The other way would be to just show the new Computers not seen before (added)

let previousComputers =  
Syslog 
| where TimeGenerated between (ago(7d) .. ago(1d)) 
| distinct Computer;
Syslog
| where TimeGenerated > ago(1d)
| where  Computer !in(previousComputers)

 Then as a rough example, you can do the counts for old vs. added - there are other ways to do this but I kept it simple ( I hope).

let previousComputersCount = toscalar( 
Syslog 
| where TimeGenerated between (ago(7d) .. ago(1d)) 
| summarize dcount(Computer));
let previousComputers =  
Syslog 
| where TimeGenerated between (ago(7d) .. ago(1d)) 
| distinct Computer;
Syslog
| where TimeGenerated > ago(1d)
| where  Computer !in(previousComputers)
| summarize addedCount_ = dcount(Computer),  addedComputers=make_set(Computer), previousComputersCount=any(previousComputersCount)
// now do your percent calc