Queries for the DnsEvents table
Clients Resolving Malicious Domains
Distinct clients resolving malicious domains.
DnsEvents
| where SubType == 'LookupQuery' and isnotempty(MaliciousIP)
| summarize count() by ClientIP
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for