deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-28 13:17:23 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Updated advanced-hunting-windows-defender-advanced-threat-protection.md

Browse Source
This commit is contained in:
Liza Mash 2018-03-29 07:26:18 +00:00
parent 363d430686
commit bf60d18ca4
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
windows/security/threat-protection/windows-defender-atp/advanced-hunting-windows-defender-advanced-threat-protection.md
View File

@ -79,6 +79,7 @@ For more information on the query language and supported operators, see [Query L
The following tables are exposed as part of advanced hunting:
- **AlertEvents** - Stores alerts related information
- **MachineInfo** - Stores machines proprties
- **ProcessCreationEvents** - Stores process creation events
- **NetworkCommunicationEvents** - Stores network communication events o
- **FileCreationEvents** - Stores file creation, modification, and rename events
@ -103,7 +104,7 @@ You can create or modify a query and save it as your own query or share it with
3. Enter a name for the query.
![Image of saving a query](images/atp-save-query.png)
![Image of saving a query](images/advanced-hunting-save-query.png)
4. Select the folder where you'd like to save the query.
- Shared queries - Allows other users in the tenant to access the query