Merge branch 'atp-rs4' of https://cpubwin.visualstudio.com/_git/it-client into atp-rs4

2025-05-15 14:57:23 +00:00 · 2018-03-28 15:08:12 -07:00 · 2018-03-28 15:08:12 -07:00 · b1087beacb
commit b1087beacb
parent 4167418dab c175dc7514
1 changed files with 2 additions and 2 deletions
--- a/windows/security/threat-protection/windows-defender-atp/advanced-hunting-best-practices-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/advanced-hunting-best-practices-windows-defender-advanced-threat-protection.md
@ -39,8 +39,8 @@ The following best practices serve as a guideline of query performance best prac
 ## Query tips and pitfalls
 ### Unique Process IDs
-Process IDs are recycled in Windows and reused for new processes, so cannot serve as unique IDs for a specific process.
+Process IDs are recycled in Windows and reused for new processes, so cannot serve as a unique identifier for a specific process.
-To address this issue, the time the process was created for the Windows Defender ATP data. Together with the process ID, this can serve as a unique ID on a specific machine.
+To address this issue, the time the process was created is part of the Windows Defender ATP data. Together with the process ID, this can serve as a unique ID on a specific machine.
 So, when you join data based on a specific process or summarize data for each process, you'll need to use a machine identifier (either MachineId or ComputerName), a process ID (ProcessId or InitiatingProcessId) and the process creation time (ProcessCreationTime or InitiatingProcessCreationTime)