List Statistics Of On-boarded Devices Per Operating System
Description
This KQL query lists how many devices have been on-boarded per operating system.
Query
Defender For Endpoint
Kusto
DeviceInfo
| where OnboardingStatus == "Onboarded"
| summarize arg_max(Timestamp, *) by DeviceId
| summarize TotalDevices = count() by OSPlatformMicrosoft Sentinel
Kusto
DeviceInfo
| where OnboardingStatus == "Onboarded"
| summarize arg_max(Timestamp, *) by DeviceId
| summarize TotalDevices = count() by OSPlatform