MicrosoftDocs
diff --git a/‎defender-xdr/advanced-hunting-query-results.md‎
Lines changed: 22 additions & 0 deletions b/‎defender-xdr/advanced-hunting-query-results.md‎
Lines changed: 22 additions & 0 deletions
diff --git a/‎defender-xdr/whats-new.md‎
Lines changed: 1 addition & 1 deletion b/‎defender-xdr/whats-new.md‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎defender/media/add-filter1.png‎
47.1 KB b/‎defender/media/add-filter1.png‎
47.1 KB
diff --git a/‎defender/media/add-filter2.png‎
81.9 KB b/‎defender/media/add-filter2.png‎
81.9 KB
diff --git a/‎defender/media/add-filter3.png‎
9.96 KB b/‎defender/media/add-filter3.png‎
9.96 KB
diff --git a/‎defender/media/add-filter4.png‎
12.4 KB b/‎defender/media/add-filter4.png‎
12.4 KB
diff --git a/‎defender/media/add-filter5.png‎
53.9 KB b/‎defender/media/add-filter5.png‎
53.9 KB
@@ -111,6 +111,28 @@ After running a query, select **Export** to save the results to local file. Your
 - **Table view**—The query results are exported in tabular form as a Microsoft Excel workbook
 - **Any chart**—The query results are exported as a JPEG image of the rendered chart
 
+## Filter results
+
+After running a query, select **Filter** to narrow down the results. 
+
+:::image type="content" source="/defender/media/add-filter1.png" alt-text="Screenshot of filters in advanced hunting." lightbox="/defender/media/add-filter1.png":::
+
+To add a filter, select the data you want to filter for by selecting one or more of the check boxes. Then select **Add**.
+
+:::image type="content" source="/defender/media/add-filter2.png" alt-text="Screenshot of filters dropdown in advanced hunting." lightbox="/defender/media/add-filter2.png":::
+
+You can narrow the results down even further to specific data by selecting the newly added filter. 
+
+:::image type="content" source="/defender/media/add-filter3.png" alt-text="Screenshot of new filter pill in advanced hunting." lightbox="/defender/media/add-filter3.png":::
+
+This opens a dropdown showing the possible filters you can use further. Select one or more of the check boxes, then select **Apply**.
+
+:::image type="content" source="/defender/media/add-filter4.png" alt-text="Screenshot of new filter's dropdown in advanced hunting." lightbox="/defender/media/add-filter4.png":::
+
+Confirm that you have added the filters that you wanted by checking the Filters section. 
+
+:::image type="content" source="/defender/media/add-filter5.png" alt-text="Screenshot of filters added advanced hunting." lightbox="/defender/media/add-filter5.png":::
+
 ## Drill down from query results
 
 You can also explore the results in-line with the following features:
 
@@ -63,7 +63,7 @@ You can also get product updates and important notifications through the [messag
 - (Preview) You can now filter your Microsoft Defender for Cloud alerts by the associated **alert subscription ID** in the Incidents and Alerts queues. For more information, see [Microsoft Defender for Cloud in Microsoft Defender XDR](microsoft-365-security-center-defender-cloud.md).
 
 
-
+- (GA) You can now **[filter your results](advanced-hunting-query-results.md#filter-results)** in advanced hunting so you can narrow down your investigation on specific data you want to focus on.
 
 ## May 2024