deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-17 11:23:45 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

update description of example in adv hunting

Browse Source
This commit is contained in:
Joey Caparas
2018-08-15 10:56:46 -07:00
parent b6e909a63a
commit bf80ebe1a1
1 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
windows/security/threat-protection/windows-defender-atp/advanced-hunting-windows-defender-advanced-threat-protection.md
View File

@ -10,7 +10,7 @@ ms.pagetype: security
ms.author: macapara ms.author: macapara
author: mjcaparas author: mjcaparas
ms.localizationpriority: medium ms.localizationpriority: medium
ms.date: 06/13/2018 ms.date: 08/15/2018
--- ---
# Query data using Advanced hunting in Windows Defender ATP # Query data using Advanced hunting in Windows Defender ATP
@ -51,7 +51,8 @@ First, we define a time filter to review only records from the previous seven da
We then add a filter on the _FileName_ to contain only instances of _powershell.exe_. We then add a filter on the _FileName_ to contain only instances of _powershell.exe_.
Afterwards, we add a filter on the _ProcessCommandLine_ Afterwards, we add a filter on the _ProcessCommandLine_.
Finally, we project only the columns we're interested in exploring and limit the results to 100 and click **Run query**. Finally, we project only the columns we're interested in exploring and limit the results to 100 and click **Run query**.
You have the option of expanding the screen view so you can focus on your hunting query and related results. You have the option of expanding the screen view so you can focus on your hunting query and related results.