What events will be matched by the following Kusto query? where Timestamp > ago(15d)
Click on the arrows to vote for the correct answer
A. B. C. D.Correct Answer: C Option C is correct as ago operator subtracts the given timespan from the current UTC clock time.
Option A,B & D are incorrect as it does not satisfy the ago operation condition.
Reference:
The Kusto query where Timestamp > ago(15d) will match events within the last 15 days.
To understand why, let's break down the query.
Timestamp refers to the timestamp of the event.ago() is a Kusto function that allows you to specify a time offset relative to the current time. In this case, ago(15d) means 15 days ago from the current time.> is a comparison operator that matches events whose timestamps are greater than the specified time offset.So when we put it all together, the query is asking for events whose timestamps are greater than 15 days ago from the current time. In other words, events that have occurred within the last 15 days.
Therefore, the correct answer is C. Events within the last 15 days.