Ad slot: top
GoSplunk SPL + dashboard repository
Log in Register

SPL

Microsoft AntiMalware Scan Completion

WinEventLog:System

Description

Submitted by SplunkNinja

This query lists a count by scan type, duration of scan, and the host the scan took place on. Modify as needed.
0 0 
sourcetype="WinEventLog:System" SourceName="Microsoft Antimalware" EventCode=1001 | stats count by Scan_Type, Scan_Time, host

Comments

0 total

Be the first to comment on this SPL.

Leave a comment

You must log in to post a comment.

Ad slot: bottom