Demo

cybermohr · Apr 17, 2024 · e66802e · e66802e
1 parent d230728
commit e66802e
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/Azure Active Directory/Audit-BreakGlassAccountSignIn.kql b/Azure Active Directory/Audit-BreakGlassAccountSignIn.kql
@@ -1,6 +1,6 @@
 //Detects if the Break Glass Account(s) have been used for Sign-in.
 //Break Glass Accounts should be highly protected in only used incase of emergency lockout from tenant.
-//This query is based on a Watchlist that is using the VIPUsers template schema.
+//This query is based on a Watchlist that is using the VIPUsers template schema..
 let watchlist = (_GetWatchlist('BreakGlassAccounts') | project SearchKey);
 SigninLogs
     | where TimeGenerated >= ago(24h)