Skip to contentBrand Logo
Community
Help
Learn
Events
Cyber Million
  1. Immersive Community
  2. Help
  3. Help & Support Forum

Forum Discussion

itskw271's avatar
itskw271
Icon for Bronze I rankBronze I
5 months ago

Sentinel Blue team ops

2 separate questions for KQL can someone lmk what I'm doing wrong please.

 

 

cloud security
defensive cyber

1 Reply

  • Cyb3rM0nK3y's avatar
    Cyb3rM0nK3y
    Icon for Bronze II rankBronze II
    5 months ago

    Q12 - I can see 2 issues with your query.

    • On line 2 the "2" needs to be outside the () but within [] of its own. 
    • You don't need line 4

     

    Q11 - You have the time range set to "Last 24 Hours" the lab requires you to have it set to "Last 7 Days"

    Hope that helps 🙂

Featured Places

Help & Support Forum

Related Content
  • Sentinel Labs
    7 months ago
    FF
  • Microsoft Sentinel SOAR: Demonstrate Your Skills
    4 months ago
    Cyb3rM0nK3y
  • Microsoft Sentinel SOAR: Playbooks Issue
    5 months ago
    Cyb3rM0nK3y
  • Hasta La Vista, Passive Defense: Why Blue Teams Need an Offensive Edge
    8 days ago
    EllaBendrickChartier
  • How is Cyber Team Sim different from Cyber Ranges?
    9 months ago
    KieranRowley

Recent Discussions

  • Jeff777's avatar
    Radare2 Reverse Engineering: Ep.2 – Windows Binary Part 2
    7 hours ago
    Jeff777
  • posewadone23's avatar
    ICS Malware: Triton - unpack trilog.exe
    14 hours ago
    posewadone23
  • f31i1031's avatar
    Privilege Escalation: Windows – Automated Enumeration
    16 hours ago
    f31i1031
  • JWhit101's avatar
    Web App Hacking (Lab series): CVE-2022-42889 (Text4Shell) – Offensive
    16 hours ago
    JWhit101
  • retornet's avatar
    FIN7 Threat Hunting with Splunk: Ep.3 – Execution Logs
    2 days ago
    retornet
Community HomePrivacy PolicyHelp
Powered By Khoros