
Commit e1bc004

Update summary-rules.md
1 parent 9dceecd commit e1bc004

1 file changed

+0
-2
lines changed

articles/sentinel/summary-rules.md

Lines changed: 0 additions & 2 deletions
@@ -135,7 +135,6 @@ This section reviews common scenarios for creating summary rules in Microsoft Se
135135
```kusto
136136
let csl_columnmatch=(column_name: string) {
137137
CommonSecurityLog
138-
| where TimeGenerated > startofday(ago(1d))
139138
| where isnotempty(column_name)
140139
| extend
141140
Date = format_datetime(TimeGenerated, "yyyy-MM-dd"),
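
Review bot: removing `| where TimeGenerated > startofday(ago(1d))` from `csl_columnmatch` leaves the `CommonSecurityLog` scan with no time bound in the query itself, and neither the commit message nor the visible lines say where the window now comes from. If the summary rule's own schedule is meant to supply it, state that in the prose next to this sample. A reader who pastes the function into an ad hoc query would otherwise scan the table's full retention, and `Date` would span many days instead of one.
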
@@ -287,7 +286,6 @@ This procedure describes a sample process for using summary rules with [auxiliar
287286
// Daily Network traffic trend Per Destination IP along with Data transfer stats
288287
// Frequency - Daily - Maintain 30 day or 60 Day History.
289288
  Custom_CommonSecurityLog
290-
  | where TimeGenerated > ago(1d)
291289
  | extend Day = format_datetime(TimeGenerated, "yyyy-MM-dd")
292290
  | summarize Count= count(), DistinctSourceIps = dcount(SourceIP), NoofByesTransferred = sum(SentBytes), NoofBytesReceived = sum(ReceivedBytes)
293291
  by Day,DestinationIp, DeviceVendor
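
Review bot: with `| where TimeGenerated > ago(1d)` gone, the only statement of scope left in this sample is the comment `// Frequency - Daily - Maintain 30 day or 60 Day History.`, which now describes a window the query no longer enforces. Reword the comment to say the daily window is set by the rule configuration, if that is the intent. The filter removed here used `ago(1d)` while the one removed in the first hunk used `startofday(ago(1d))`, so the two samples never covered the same range; the documentation should give one consistent explanation for both. While this block is being touched, `NoofByesTransferred` on the `summarize` line looks like a typo for `NoofBytesTransferred`.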
