deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-23 14:23:38 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Update advanced-hunting-query-language.md

Browse Source 
Removed bolded items for consistency.
This commit is contained in:
lomayor
2020-01-08 11:18:50 -08:00
parent d6c2d9ac53
commit 096324582d
1 changed files with 15 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-query-language.md
View File

@ -97,16 +97,16 @@ Now that you've run your first query and have a general idea of its components,
| Operator | Description and usage | | Operator | Description and usage |
|--|--| |--|--|
| **`where`** | Filter a table to the subset of rows that satisfy a predicate. | | `where` | Filter a table to the subset of rows that satisfy a predicate. |
| **`summarize`** | Produce a table that aggregates the content of the input table. | | `summarize` | Produce a table that aggregates the content of the input table. |
| **`join`** | Merge the rows of two tables to form a new table by matching values of the specified column(s) from each table. | | `join` | Merge the rows of two tables to form a new table by matching values of the specified column(s) from each table. |
| **`count`** | Return the number of records in the input record set. | | `count` | Return the number of records in the input record set. |
| **`top`** | Return the first N records sorted by the specified columns. | | `top` | Return the first N records sorted by the specified columns. |
| **`limit`** | Return up to the specified number of rows. | | `limit` | Return up to the specified number of rows. |
| **`project`** | Select the columns to include, rename or drop, and insert new computed columns. | | `project` | Select the columns to include, rename or drop, and insert new computed columns. |
| **`extend`** | Create calculated columns and append them to the result set. | | `extend` | Create calculated columns and append them to the result set. |
| **`makeset`** | Return a dynamic (JSON) array of the set of distinct values that Expr takes in the group. | | `makeset` | Return a dynamic (JSON) array of the set of distinct values that Expr takes in the group. |
| **`find`** | Find rows that match a predicate across a set of tables. | | `find` | Find rows that match a predicate across a set of tables. |
To see a live example of these operators, run them from the **Get started** section of the advanced hunting page. To see a live example of these operators, run them from the **Get started** section of the advanced hunting page.
@ -116,11 +116,11 @@ Data in advanced hunting tables are generally classified into the following data
| Data type | Description and query implications | | Data type | Description and query implications |
|--|--| |--|--|
| **datetime** | Data and time information typically representing event timestamps | | `datetime` | Data and time information typically representing event timestamps |
| **string** | Character string | | `string` | Character string |
| **bool** | True or false | | `bool` | True or false |
| **int** | 32-bit numeric value | | `int` | 32-bit numeric value |
| **long** | 64-bit numeric value | | `long` | 64-bit numeric value |
## Use sample queries ## Use sample queries