Refer to the exhibit. You are analyzing a KQL query in Microsoft Sentinel. The query returns a list of IP addresses that have attempted to sign in more than 10 times in the last day. You notice that the query does not filter out successful sign-ins. You need to modify the query to count only failed sign-in attempts. What should you add?
This excludes successful sign-ins (ResultType == "0").
Why this answer
Option C is correct because filtering by ResultType != "0" excludes successful sign-ins (ResultType == "0"). Option A is wrong because ResultType == "0" only includes successful sign-ins. Option B is wrong because Status is not a column; the correct column is ResultType.
Option D is wrong because the column is ResultType, not Result.