User location in Security Alerts/Incidents logs

luizgomesjr · ‎Feb 13 2024

Dear Community,

I´ve been struggling to find a way to pull out location information for user in security incidents logs. The idea is to have this details on alerts and incidents to generate dashboards (workbooks) and reports. Would you be able to enlight me with ideas/insights?

Thanks in advance for your help.

Clive_Watson · ‎Feb 14 2024

hello, if you have an ip address you can try this command to get the location from that source https://learn.microsoft.com/en-us/azure/data-explorer/kusto/query/geo-info-from-ip-address-function

luizgomesjr · ‎Feb 14 2024

Thanks Clive, will look into it.

User location in Security Alerts/Incidents logs

User location in Security Alerts/Incidents logs

Re: User location in Security Alerts/Incidents logs

Re: User location in Security Alerts/Incidents logs

Products (50)

Special Topics (27)

Video Hub (462)

Most Active Hubs

Most Active Hubs

Video Hub

User location in Security Alerts/Incidents logs

User location in Security Alerts/Incidents logs

Re: User location in Security Alerts/Incidents logs

Re: User location in Security Alerts/Incidents logs