From 5a9137a0941ff7816ab4be5bb18b2e974bc1f1d5 Mon Sep 17 00:00:00 2001
From: Justin Hall <justinha@microsoft.com>
Date: Wed, 5 Dec 2018 12:25:11 -0800
Subject: [PATCH] removed syntax

---
 ...ication-control-events-centrally-using-advanced-hunting  .md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting  .md b/windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting  .md
index e37ec6a7c4..b1018f5e79 100644
--- a/windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting  .md	
+++ b/windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting  .md	
@@ -23,7 +23,7 @@ This capability is supported beginning with Windows version 1607.
 
 Here is a simple example query that shows all the WDAC events generated in the last seven days from machines being monitored by Windows Defender ATP:
 
-```kusto
+```
 MiscEvents
 | where EventTime > ago(7d) and
 ActionType startswith "AppControl"