mirror of
https://github.com/BillyOutlast/shitav.git
synced 2026-02-04 03:01:18 +01:00
532 B
532 B
// Query to retrieve all systems and their associated CVEs let systems = SecurityEvent | where EventID == 4624 // Replace with the appropriate event ID for system logon events | summarize LastLogonTime = max(TimeGenerated) by ComputerName;
let cves = SecurityAlert | where VendorName == "CVE" // Replace with the appropriate vendor name for CVEs | summarize CVEs = make_set(Title) by ComputerName;
// Join the systems and CVEs datasets systems | join kind=leftouter cves on ComputerName | project ComputerName, LastLogonTime, CVEs