MDE Module Not Returning IP based Findings

briandelmsft / STAT-Function

Azure Function for the Microsoft Sentinel Triage AssistanT (STAT)

https://aka.ms/mstat

MIT License

9 stars 1 forks source link

Closed briandelmsft closed 1 year ago

briandelmsft commented 1 year ago

KQL filter is incorrect, looking at the IPAddresses to filter down instead of the unpacked IPAddress column

briandelmsft commented 1 year ago