Queries for the Anomalies table

Article
02/20/2024

Get Production Anomalies (last day)

Gets a list of all anomalies generated by a production Sentinel rule in the last day

Anomalies
| where TimeGenerated > ago(1d)
| where RuleStatus == "Production"

Get Flighting Anomalies (last day)

Gets a list of all anomalies generated by a flighting Sentinel rule in the last day

Anomalies
| where TimeGenerated > ago(1d)
| where RuleStatus == "Flighting"

Feedback

Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.

Submit and view feedback for

This product This page

View all page feedback

Queries for the Anomalies table

Get Production Anomalies (last day)

Get Flighting Anomalies (last day)

Feedback

Feedback

Additional resources