RE: How to show or display any device that is NOT running Windows 10 or above

JMSHW0420 · ‎Nov 10 2021

I am trying a build a query that can isolate results showing any device that is NOT running Windows 10 or above. So anything below this version AND excluding some OS platforms such as Servers, Android and iOS.

I have complied this, but was just wondering IF there is a more efficient way to build the FINAL where clause I have?

DeviceInfo
| where TimeGenerated > ago(1d)
| where isnotempty(OSPlatform)
| summarize arg_max(TimeGenerated, *) by DeviceName
| extend OSBuildString = tostring(OSBuild)
| where OSPlatform !contains "Windows1" and OSPlatform !contains "Server" and OSPlatform !contains "Linux" and OSPlatform !contains "Android" and OSPlatform != "iOS"
| project DeviceName, OSBuild, OSPlatform, OSVersion
| sort by OSPlatform asc

Clive_Watson · ‎Nov 11 2021

Maybe, just test for Windows OS and versions below 10?

DeviceInfo
| where TimeGenerated > ago(1d) 
| where isnotempty(OSPlatform)
| where OSPlatform startswith 'Windows'
| extend majorVersion_ = split(OSVersion,".").[0] 
| where majorVersion_ < 10

Products (50)

Special Topics (27)

Video Hub (462)

Most Active Hubs

Most Active Hubs

Video Hub

RE: How to show or display any device that is NOT running Windows 10 or above

RE: How to show or display any device that is NOT running Windows 10 or above

RE: How to show or display any device that is NOT running Windows 10 or above