From a24fb87ca81f8c9cdcb675a20dee8785c0599efa Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Wed, 5 Dec 2018 10:42:11 -0800 Subject: [PATCH 01/11] added cs to code fence --- ...ication-control-events-centrally-using-advanced-hunting .md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting .md b/windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting .md index b1018f5e79..df80d3bdec 100644 --- a/windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting .md +++ b/windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting .md @@ -23,7 +23,7 @@ This capability is supported beginning with Windows version 1607. Here is a simple example query that shows all the WDAC events generated in the last seven days from machines being monitored by Windows Defender ATP: -``` +```cs MiscEvents | where EventTime > ago(7d) and ActionType startswith "AppControl" From a3bdefe6e9ec4cb97f42f0fe0193fd6b9ee7a197 Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Wed, 5 Dec 2018 12:12:14 -0800 Subject: [PATCH 02/11] changed syntax highlight --- ...ication-control-events-centrally-using-advanced-hunting .md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting .md b/windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting .md index df80d3bdec..e37ec6a7c4 100644 --- a/windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting .md +++ b/windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting .md @@ -23,7 +23,7 @@ This capability is supported beginning with Windows version 1607. Here is a simple example query that shows all the WDAC events generated in the last seven days from machines being monitored by Windows Defender ATP: -```cs +```kusto MiscEvents | where EventTime > ago(7d) and ActionType startswith "AppControl" From 5a9137a0941ff7816ab4be5bb18b2e974bc1f1d5 Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Wed, 5 Dec 2018 12:25:11 -0800 Subject: [PATCH 03/11] removed syntax --- ...ication-control-events-centrally-using-advanced-hunting .md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting .md b/windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting .md index e37ec6a7c4..b1018f5e79 100644 --- a/windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting .md +++ b/windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting .md @@ -23,7 +23,7 @@ This capability is supported beginning with Windows version 1607. Here is a simple example query that shows all the WDAC events generated in the last seven days from machines being monitored by Windows Defender ATP: -```kusto +``` MiscEvents | where EventTime > ago(7d) and ActionType startswith "AppControl" From fa5c3d18d55ee9693545833ef2f985990ef28719 Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Wed, 5 Dec 2018 12:49:13 -0800 Subject: [PATCH 04/11] added syntax --- ...ication-control-events-centrally-using-advanced-hunting .md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting .md b/windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting .md index b1018f5e79..e37ec6a7c4 100644 --- a/windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting .md +++ b/windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting .md @@ -23,7 +23,7 @@ This capability is supported beginning with Windows version 1607. Here is a simple example query that shows all the WDAC events generated in the last seven days from machines being monitored by Windows Defender ATP: -``` +```kusto MiscEvents | where EventTime > ago(7d) and ActionType startswith "AppControl" From f7e6c9d2b89b3720a3871523e0ef60e957bed477 Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Wed, 5 Dec 2018 13:02:25 -0800 Subject: [PATCH 05/11] edited syntax --- ...ication-control-events-centrally-using-advanced-hunting .md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting .md b/windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting .md index e37ec6a7c4..c3cb5b6e67 100644 --- a/windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting .md +++ b/windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting .md @@ -23,7 +23,7 @@ This capability is supported beginning with Windows version 1607. Here is a simple example query that shows all the WDAC events generated in the last seven days from machines being monitored by Windows Defender ATP: -```kusto +```Kusto MiscEvents | where EventTime > ago(7d) and ActionType startswith "AppControl" From fd6560403517eab103cd6300bc5f63500bb92ef0 Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Wed, 5 Dec 2018 15:26:34 -0800 Subject: [PATCH 06/11] edited syntax --- ...ication-control-events-centrally-using-advanced-hunting .md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting .md b/windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting .md index c3cb5b6e67..e37ec6a7c4 100644 --- a/windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting .md +++ b/windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting .md @@ -23,7 +23,7 @@ This capability is supported beginning with Windows version 1607. Here is a simple example query that shows all the WDAC events generated in the last seven days from machines being monitored by Windows Defender ATP: -```Kusto +```kusto MiscEvents | where EventTime > ago(7d) and ActionType startswith "AppControl" From d37c5d5c0c637c66ef0016523cf895edf12af284 Mon Sep 17 00:00:00 2001 From: "Banani Rath (Mindtree LTD)" Date: Thu, 6 Dec 2018 00:24:25 +0000 Subject: [PATCH 07/11] Updated docfx.json --- browsers/internet-explorer/docfx.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/browsers/internet-explorer/docfx.json b/browsers/internet-explorer/docfx.json index 34e8b2d487..323ba3e4bd 100644 --- a/browsers/internet-explorer/docfx.json +++ b/browsers/internet-explorer/docfx.json @@ -9,7 +9,7 @@ ], "resource": [ { - "files": ["**/images/**", "**/*.json"], + "files": ["**/images/**"], "exclude": ["**/obj/**"] } ], From 536f53daa1cc40956734794a11171963295425a3 Mon Sep 17 00:00:00 2001 From: "Banani Rath (Mindtree LTD)" Date: Thu, 6 Dec 2018 00:37:52 +0000 Subject: [PATCH 08/11] Updated docfx.json --- mdop/docfx.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mdop/docfx.json b/mdop/docfx.json index a6ff6398ef..530722278f 100644 --- a/mdop/docfx.json +++ b/mdop/docfx.json @@ -9,7 +9,7 @@ ], "resource": [ { - "files": ["**/images/**", "**/*.json"], + "files": ["**/images/**"], "exclude": ["**/obj/**"] } ], From 9970c7565a96d55b2fa21554aa9202143119081e Mon Sep 17 00:00:00 2001 From: "Banani Rath (Mindtree LTD)" Date: Thu, 6 Dec 2018 00:52:17 +0000 Subject: [PATCH 09/11] Updated docfx.json --- windows/docfx.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/docfx.json b/windows/docfx.json index f1253f1567..9ac35033eb 100644 --- a/windows/docfx.json +++ b/windows/docfx.json @@ -9,7 +9,7 @@ ], "resource": [ { - "files": ["**/images/**", "**/*.json"], + "files": ["**/images/**"], "exclude": ["**/obj/**"] } ], From 961dcdf1659e4813d34e4aaadc98f1e6be6e3eff Mon Sep 17 00:00:00 2001 From: "Banani Rath (Mindtree LTD)" Date: Thu, 6 Dec 2018 00:53:17 +0000 Subject: [PATCH 10/11] Updated docfx.json --- education/docfx.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/education/docfx.json b/education/docfx.json index c01be28758..227546b56a 100644 --- a/education/docfx.json +++ b/education/docfx.json @@ -9,7 +9,7 @@ ], "resource": [ { - "files": ["**/images/**", "**/*.json"], + "files": ["**/images/**"], "exclude": ["**/obj/**"] } ], From d650ae02b12d20ac2649ca7443cc432b830d761f Mon Sep 17 00:00:00 2001 From: "Banani Rath (Mindtree LTD)" Date: Thu, 6 Dec 2018 00:54:13 +0000 Subject: [PATCH 11/11] Updated docfx.json --- browsers/edge/docfx.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/browsers/edge/docfx.json b/browsers/edge/docfx.json index b3be0aa999..42532b3fb2 100644 --- a/browsers/edge/docfx.json +++ b/browsers/edge/docfx.json @@ -9,7 +9,7 @@ ], "resource": [ { - "files": ["**/images/**", "**/*.json"], + "files": ["**/images/**"], "exclude": ["**/obj/**"] } ],