Query Library
New postPost queries you find useful or lookup examples to help get you started with searching your data.
Show all
Sort by recent activity
-
Time frame0 votes 4 comments
-
AD query for user creation and deletion in short period of time0 votes 3 comments
-
Security-Related Queries for Windows2 votes 3 comments
-
Parse Same Field Multiple Times0 votes 2 comments
-
Sourcehost Renaming0 votes 0 comments
-
Sorting0 votes 2 comments
-
Searches for "After-Hours" Activity0 votes 2 comments
-
Regex - Multi0 votes 1 comment
-
Geo Lookup without IP0 votes 3 comments
-
Collating results from two different message0 votes 1 comment
-
Kubernetes Cheat Sheet0 votes 0 comments
-
Multi Parse0 votes 1 comment
-
Is there a way to parse or filter the sourcehost0 votes 1 comment
-
Exchange DashBoard0 votes 0 comments
-
MS17-010 detection logic0 votes 1 comment
-
Combining two results from different queries0 votes 3 comments
-
how to get the length of split in the field1 vote 1 comment
-
payload Search with key value0 votes 1 comment
-
My template parameters don't work0 votes 6 comments
-
lookup operator with compareCIDRPrefix0 votes 2 comments
-
lookup operator with dynamic url?0 votes 0 comments
-
Generating AD Group membership report(Domain, Schema, Enterprise admins)0 votes 0 comments
-
Use _count as column (subquery)0 votes 2 comments
-
Stacked chart with time compare0 votes 0 comments
-
Time compare question0 votes 0 comments
-
Hide count paramterin my chart0 votes 2 comments
-
finding the ratio of aggregated result?1 vote 1 comment