User Profile
KevinLin
Copper Contributor
Joined 6 years ago
User Widgets
Recent Discussions
What does @ mean in KQL?
In page: https://learn.microsoft.com/en-us/training/modules/work-with-data-kusto-query-language/4-integrate-external-data and https://learn.microsoft.com/en-us/training/modules/work-with-data-kusto-query-language/2-extract-data-from-unstructured-string-fields What does @ mean in below two KQL: Users | where UserID in ((externaldata (UserID:string) [ @"https://storageaccount.blob.core.windows.net/storagecontainer/users.txt" h@"?...SAS..." // Secret token needed to access the blob ])) | ... SecurityEvent | where EventID == 4672 and AccountType == 'User' | extend Account_Name = extract(@"^(.*\\)?([^@]*)(@.*)?$", 2, tolower(Account))Solved2KViews0likes2CommentsWill Microsoft Defender for Endpoint prevent user to change settings in Windows security?
Hi 1. If I turn on Allow or block file ( Microsoft 365 Defender > Settings >Endpoints > General > Advanced features > Allow or block file > On), Will Microsoft Defender for Endpoint prevent user to change settings in Windows security? 2. If yes, how to let user have ability to turn it off? (Why I ask the question is After turn off Allow or block file, user still see "This setting is managed by your administrator")2KViews0likes2CommentsI have no permission to view Firewall report
Hi I am trying to test https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/host-firewall-reporting?view=o365-worldwide function. First, I enable "Audit Filtering Platform Packet Drop" and "Audit Filtering Platform Connection" events. After it, when I open https://security.microsoft.com/firewall, it tell me "Sorry, you have no permission to view it." I am Security admin, Security reader, Security operator already. What permission I have?833Views1like0Comments
Recent Blog Articles
No content to show