From 51b21e3914446feda6498af5d8eb18843ed7f351 Mon Sep 17 00:00:00 2001
From: KustoKing <75278885+KustoKing@users.noreply.github.com>
Date: Wed, 6 Oct 2021 14:13:15 +0200
Subject: [PATCH] Update Airlift 2021 - Lets Invoke.csl

corrected typo
---
 Webcasts/Airlift 2021 - Lets Invoke.csl | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/Webcasts/Airlift 2021 - Lets Invoke.csl b/Webcasts/Airlift 2021 - Lets Invoke.csl
index 4e9905f1..7f5ea780 100644
--- a/Webcasts/Airlift 2021 - Lets Invoke.csl	
+++ b/Webcasts/Airlift 2021 - Lets Invoke.csl	
@@ -160,7 +160,7 @@ let ServerConnections =
     | distinct DeviceId, InitiatingProcessFolderPath, LocalPort;
 union (
     DeviceNetworkEvents
-    | where ActionType in ('InboundConnectionAccepted','ListeningConnectionCreated','ConnectionSuccess','ConnecitonFound','ConnectionRequest')
+    | where ActionType in ('InboundConnectionAccepted','ListeningConnectionCreated','ConnectionSuccess','ConnectionFound','ConnectionRequest')
         and RemoteIPType != 'Loopback' 
         and LocalIP != RemoteIP 
         and RemoteIP !startswith '169.254' 
@@ -171,7 +171,7 @@ union (
     | extend Directionality = 'Inbound', Port = LocalPort, RemoteIP = iff(IncludeInboundRemoteIPs == true, RemoteIP,'')
 ),(
     DeviceNetworkEvents
-    | where ActionType in ('ConnectionSuccess','ConnecitonFound','ConnectionRequest') 
+    | where ActionType in ('ConnectionSuccess','ConnectionFound','ConnectionRequest') 
         and RemoteIPType != 'Loopback' 
         and LocalIP != RemoteIP 
         and RemoteIP !startswith '169.254' 
@@ -461,4 +461,4 @@ DeviceLogonEvents
 ) on $left.Key == $right.UserAndDomain, $left.Value == $right.HourOfDay
 | project-away Key, Value, SampleSize, Average, Instances, DistinctValueCount, MostCommonValueInstances, MostCommonValue
 | project-reorder MScore, Timestamp, DeviceName, UserAndDomain
-| order by MScore desc
\ No newline at end of file
+| order by MScore desc