deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-15 23:07:23 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merged PR 6395: Updated advanced-hunting-windows-defender-advanced-threat-protection.md

Browse Source 
Updated advanced-hunting-windows-defender-advanced-threat-protection.md
This commit is contained in:
Liza Mash 2018-03-15 17:50:53 +00:00 committed by Joey Caparas
commit 93bdd843e6
1 changed files with 11 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
windows/security/threat-protection/windows-defender-atp/advanced-hunting-windows-defender-advanced-threat-protection.md
View File

@ -49,18 +49,18 @@ First, we define a time filter to review only records from the previous day. We
Finally, we limit the results to 100 and click **Run query**. Finally, we limit the results to 100 and click **Run query**.
### Operators ### Operators
The query language is very powerful and has the following usable operators: The query language is very powerful and has a lot of available operators, some of them are -
- **Limit** - Return up to the specified number of rows. - **limit** - Return up to the specified number of rows.
- **Where** - Filter a table to the subset of rows that satisfy a predicate. - **where** - Filter a table to the subset of rows that satisfy a predicate.
- **Count** - Return the number of records in the input record set. - **count** - Return the number of records in the input record set.
- **Top** - Return the first N records sorted by the specified columns. - **top** - Return the first N records sorted by the specified columns.
- **Project** - Select the columns to include, rename or drop, and insert new computed columns. - **project** - Select the columns to include, rename or drop, and insert new computed columns.
- **Summarize** - Produce a table that aggregates the content of the input table. - **summarize** - Produce a table that aggregates the content of the input table.
- **Extend** - Create calculated columns and append them to the result set. - **extend** - Create calculated columns and append them to the result set.
- **Join** - Merge the rows of two tables to form a new table by matching values of the specified column(s) from each table. - **join** - Merge the rows of two tables to form a new table by matching values of the specified column(s) from each table.
- **Makeset** - Return a dynamic (JSON) array of the set of distinct values that Expr takes in the group - **makeset** - Return a dynamic (JSON) array of the set of distinct values that Expr takes in the group
- **Find** - Find rows that match a predicate across a set of tables. - **find** - Find rows that match a predicate across a set of tables.
To see a live example of these operators, run them as part of the **Get started** section. To see a live example of these operators, run them as part of the **Get started** section.