Defender Advanced hunting Query for Detecting SQL Servers in your enviroment

May 15, 2025
Research
0 Comments
paris

DeviceProcessEvents
| where FileName contains "sqlservr.exe"
| join kind=inner (
    DeviceInfo
    | where OSPlatform contains "Server"
) on DeviceId
| summarize by DeviceId, DeviceName, OSPlatform

DeviceProcessEvents
| where InitiatingProcessFileName contains "sql"
| join kind=inner (
    DeviceInfo
    | where OSPlatform contains "Server"
) on DeviceId
| summarize by DeviceId, DeviceName, OSPlatform

(No Ratings Yet)

Sing Pang Looks to be few yeards old post, but BitTitan can migrate more than just 3 latest versions. Just adjust the settings. Still useful way to compare two libraries
How to compare two document libraries from different Office 365 Tenancies \ SharePoint Sites · April 7, 2025
KaiUno Thanks man! Reverting back to 16.0.18227.20162 did the trick for my 2016 environment.
Office 365 crashes on Server 16 Terminal Server – Faulting module path: C:\windows\System32\KERNELBASE.dll · January 14, 2025
PD2JK Tnx! Works here in our environment and rolling back to 16.0.18129.20200 worked like a charm! Kind regards from the Netherlands.
Office 365 crashes on Server 16 Terminal Server – Faulting module path: C:\windows\System32\KERNELBASE.dll · January 13, 2025
Andrea Rochira Well, this solution still works in 2023 and better than PowerShell! Thank you.
Copy file to workstations with Windows Intune · September 19, 2023
Emre Temel Thank you for this information. You save my life. 🙂
Exchange Setup – A required audit event could not be generated for the operation · September 18, 2023