azure alert logs query

1 Topic

Expanding Alert Log Search Query
Hello - We have an alert setup that does the following: W3CIISLog | where Computer == "W9" or Computer == "W10" | summarize Hits=count() by cIP | where Hits >= 600 | where cIP !startswith "10.0" | order by Hits desc And what I would like is for those results to then be piped into this query and the results returned: W3CIISLog | where cIP == "192.34.85.134" | summarize count () by csUriStem | order by count_ desc Any help is greatly appreciated.
Solved
tkeller
Apr 08, 2022 Place Azure Observability
2.4KViews
0likes
7Comments