NQL last()
last() 関数は最後に記録された値を返します。
devices
| with execution.events 過去 7d
| where binary.name == "zoom*"
| compute last_execution = timestamp.last()
| list last_execution, operating_system.name, device.name, operating_system.platformLast updated
Was this helpful?