Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

KQL Query for DomainEntity_EmailUrlInfo is not optimized for larger data sets #11494

Merged
merged 11 commits into from
Dec 4, 2024

Conversation

v-visodadasi
Copy link
Contributor

@v-visodadasi v-visodadasi commented Nov 27, 2024

Required items, please complete

Change(s):

  • Replaced existing query with new query

Reason for Change(s):

  • KQL Query for DomainEntity_EmailUrlInfo is not optimized for larger data sets leading to memory issues in LAW.

Version Updated:

  • Yes

Testing Completed:

  • Yes

Copy link

Hello how are you I am GitHub bot
😀😀
I see that you changed templates under the detections/analytic rules folder. Did you remember to update the version of the templates you changed?
If not, and if you want customers to be aware that a new version of this template is available, please update the version property of the template you changed.

@v-prasadboke v-prasadboke self-assigned this Nov 27, 2024
@v-prasadboke v-prasadboke added Solution Solution specialty review needed Detection Detection specialty review needed labels Nov 27, 2024
@v-visodadasi v-visodadasi marked this pull request as ready for review November 28, 2024 09:28
@v-visodadasi v-visodadasi requested review from a team as code owners November 28, 2024 09:28
@v-prasadboke v-prasadboke merged commit 26f4768 into master Dec 4, 2024
34 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Detection Detection specialty review needed Solution Solution specialty review needed
Projects
None yet
Development

Successfully merging this pull request may close these issues.

DomainEntity_EmailUrlInfo TI detection creates memory issues on large data sets
2 participants