kql - KustoSentinel - How do I createsave a user defined global function parameters that accept fields - Stack Overflow

admin•2025-04-16 10:41:32•questions•阅读0

I am trying to create a user defined function to store as a global function. This has to accept two fie

I am trying to create a user defined function to store as a global function. This has to accept two field parameters and spit out a table.

I managed to get it to work as an inline function.

let customFunc = (T:(Title: string)) { 
  T | where Title has_any "value"
    | distinct Title
};
let SE_table = SecurityEvent | where TimeGenerated > ago(1h);
let x        = customFunc(SE_table)

The results display the Title field from the SecurityEvent table with all unique values in the last hour. Once I save this as a global function in the GUI, I receive an error that customFunc expects a scalar value.

Tried saving customFunc as a global function using the GUI with T as a dynamic value, but no dice.

The closest I came to using a global function that takes a field value is detailed in the following article:

This predates creation of the GUI that permits saving functions without using PowerShell. I am able to cast T as a dynamic variable within the GUI, but the function declaration is a bit out of my league.

My end goal is to create a function that accepts two arguments, uses them to reference a watchlist and spits out a verdict.

发布者：admin，转转请注明出处：http://www.yc00.com/questions/1744619689a4584265.html

admin

questions
html - application-title meta tag not working for PWA - Stack Overflow
I am trying to use the application-title meta tag that was released recently. It should work on Chrome
admin
27分钟前
00
questions
javascript - Intercept calls to constructor - Stack Overflow
I am having a bit of trouble intercepting constructor calls to a library (so I can replay them later) w
admin
27分钟前
00
questions
javascript - how draw in canvas read a json? - Stack Overflow
I'm trying to draw through on a HTML5 canvas. I managed to draw on the canvas but I need to do it
admin
26分钟前
00
questions
javascript - Save Paragraphs as a PDF dynamically? - Stack Overflow
Is it possible to use JSPDF to save paragraphs <p> that include borders as a PDF, incorporating t
admin
24分钟前
00
questions
javascript - What does -~ before .indexOf() mean? - Stack Overflow
I am looking at SocketIO source code and it has this statement:if (-~manager.get('blacklist')
admin
24分钟前
10
questions
javascript - Wrap images on papercup(background image) - Stack Overflow
I want to wrap images and text on sample papercup.When a image is uploaded on canvas, I want to wrap i
admin
22分钟前
00
questions
javascript - How to add markers on cesium terrain - Stack Overflow
In order to add markers on terrain in cesium I used the sampleTerrain function to get the height.I'
admin
21分钟前
00
questions
openbabel - PyMOL and Open Babel compatibility issues? (BioinformaticsCheminformatics) - Stack Overflow
I am trying to use pymol and open babel in a pipeline to eventually perform docking of protein and liga
admin
21分钟前
00
questions
How to I make GCC not emit a PLT section on AArch64? - Stack Overflow
While compiling this program which uses a custom ELF loader to load shared object files, with gcc versi
admin
16分钟前
00
questions
Is Spring Boot Camel onException handling Broken after 4.7.x release? - Stack Overflow
We are using camel as ESB and noticed something breaking after 4.7.x release.The "onException&quo
admin
14分钟前
00
questions
javascript - How to change the text of li in ul without changing it's other properties? - Stack Overflow
I have a li in a ul like following.<li class="list-group-item" data_id="1909" id
admin
13分钟前
00
questions
javascript - Looking for regex: soft hyphen or not a word character - Stack Overflow
I am looking for a regex yielding to characters which are not word-characters nor a soft hyphen (U+00AD
admin
13分钟前
00
questions
javascript - Why "Microsoft JScript runtime error: Object expected"? - Stack Overflow
I'm about 1 day old in using jquery, and is currently having a nightmare with it. I alreadt spent
admin
10分钟前
00
questions
javascript - Is there an es6 module-scope equivalent to `window`? - Stack Overflow
In Javascript, we can add global variables at any point using the window object:'use strict';
admin
9分钟前
00
questions
javascript - My css doesn't load automatically in react with vite - Stack Overflow
I have some css and js files that I try to import into a view in React with vite so that it loads the s
admin
7分钟前
00
questions
c# - Why wpf webbrowser generate script error? - Stack Overflow
I have a site that I am trying to navigate to using wpf webbrowser. When I navigate to it, I am getting
admin
5分钟前
00
questions
c++ - How do I fix my brushless motor not reversing with my Arduino esp-32 nano? - Stack Overflow
I am coding an RC car in the Arduino IDE.Here are the specs of what I use:Arduino Nano esp-32Wifi pro
admin
5分钟前
00
questions
javascript - How to save the value of INPUT in variable? - Stack Overflow
How to save the value of INPUT in variable to not to write a lot of duplicate code?like var input = $(t
admin
3分钟前
10
questions
javascript - Android keyboard hide text inputs - Stack Overflow
I have an application using jQuery Mobile. When testing on Chrome (on Android), when the keyboard is op
admin
1分钟前
00
questions
docker - Python-Selenium Remote Connection to Dockerized Selenium Server - Stack Overflow
I'm trying to connect to a Dockerized version of Selenium on the same host within one Python scrip
admin
16秒前
00

发表回复

评论列表（0条）

暂无评论

kql - KustoSentinel - How do I createsave a user defined global function parameters that accept fields - Stack Overflow

发表回复

评论列表（0条）

联系我们

400-800-8888

kql - KustoSentinel - How do I createsave a user defined global function parameters that accept fields - Stack Overflow

相关推荐

发表回复

评论列表（0条）

联系我们

400-800-8888