The last() function returns the last value recorded.
last()
devices | with execution.events past 7d | where binary.name == "zoom*" | compute last_execution = timestamp.last() | list last_execution, operating_system.name, device.name, operating_system.platform
Last updated 19 days ago
© Nexthink
