Regarding the Kusto Query Language for advanced hunting on Defender ATP
I'm looking to query the information for one computer but across multiple tables
I use the Let command to assign the computer name to a variable and this works but only for the 1st table, in this case DeviceNetworkInfo
The results only include the 1st object DeviceNetworkInfo there is no result for the other 2 I'm looking to get the results from all tables using the single hostname variable.
So no results for lines 2 and 3. I only want to type the hostname once.
What i'm using is below
Thanks
0 Let hostname = "Computer1";
1 DeviceNetworkInfo | where DeviceName contains hostname;
2 DeviceProcessEvents | where DeviceName contains hostname;
3 DeviceAlertEvents | where DeviceName contains hostname;
