From 0f08bfb9860b4a8606163024b22817d136854859 Mon Sep 17 00:00:00 2001
From: Louie Mayor <louie.mayor@microsoft.com>
Date: Fri, 9 Oct 2020 16:34:46 -0700
Subject: [PATCH] Update advanced-hunting-query-language.md

---
 .../microsoft-defender-atp/advanced-hunting-query-language.md   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-query-language.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-query-language.md
index f392fb5bbc..e115475712 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-query-language.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-query-language.md
@@ -74,7 +74,7 @@ The first piped element is a time filter scoped to the previous seven days. Limi
 ### Check specific processes
 The time range is immediately followed by a search for process file names representing the PowerShell application.
 
-```
+```kusto
 // Pivoting on PowerShell processes
 | where FileName in~ ("powershell.exe", "powershell_ise.exe")
 ```