deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-21 13:23:36 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

ep changes

Browse Source
This commit is contained in:
Iaan D'Souza-Wiltshire
2017-08-16 11:26:51 -07:00
parent 6c02a0f46a
commit 48ff508ae9
14 changed files with 783 additions and 224 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
windows/threat-protection/windows-defender-exploit-guard/scripts/ep-events.xml Normal file
View File

@ -0,0 +1,21 @@
<ViewerConfig>
<QueryConfig>
<QueryParams>
<Simple>
<Channel>Microsoft-Windows-Windows Defender/Operational,Microsoft-Windows-Windows Defender/WHC</Channel>
<EventId>1125,1126,5007</EventId>
<RelativeTimeInfo>0</RelativeTimeInfo>
<BySource>False</BySource>
</Simple>
</QueryParams>
<QueryNode>
<Name>Network Protection view</Name>
<QueryList>
<Query Id="0" Path="Microsoft-Windows-Windows Defender/Operational">
<Select Path="Microsoft-Windows-Windows Defender/Operational">*[System[(EventID=1125 or EventID=1126 or EventID=5007)]]</Select>
<Select Path="Microsoft-Windows-Windows Defender/WHC">*[System[(EventID=1125 or EventID=1126 or EventID=5007)]]</Select>
</Query>
</QueryList>
</QueryNode>
</QueryConfig>
</ViewerConfig>