Updated advanced-hunting-windows-defender-advanced-threat-protection.md

Liza Mash
2018-03-26 05:53:00 +00:00
parent dbc0b9fe87
commit 466ef3790c

@ -56,7 +56,7 @@ A typical query starts with a table name followed by a series of operators separ
In the following example, we start with the table name **ProcessCreationEvents** and add piped elements as needed. In the following example, we start with the table name **ProcessCreationEvents** and add piped elements as needed.
![Image of Windows Defender ATP advanced hunting query](images/atp-advanced-hunting-query.png) ![Image of Windows Defender ATP advanced hunting query](images/advanced-hunting-query-example.png)
First, we define a time filter to review only records from the previous seven days. First, we define a time filter to review only records from the previous seven days.
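
Review bot: the changed image line now points at images/advanced-hunting-query-example.png, but the visible diff touches only the markdown file, so nothing here confirms that the new image exists at that path. Please add the image in this commit or verify it is already in images/, otherwise the page renders a broken link. The surrounding text still walks through a ProcessCreationEvents query with a seven-day time filter, so the new screenshot should show that same query. The commit message could also name the image swap rather than only the file that was updated.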