From 10f6dcb5d995b943c86eed150ba0beb0bfa0ffa8 Mon Sep 17 00:00:00 2001
From: tali-ash <63594865+tali-ash@users.noreply.github.com>
Date: Wed, 22 Apr 2020 14:17:12 +0300
Subject: [PATCH] Update Pivot from detections to related downloads.txt
---
 Delivery/Pivot from detections to related downloads.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Delivery/Pivot from detections to related downloads.txt b/Delivery/Pivot from detections to related downloads.txt
index f42b9a9f..43551b63 100644
--- a/Delivery/Pivot from detections to related downloads.txt
+++ b/Delivery/Pivot from detections to related downloads.txt
@@ -22,7 +22,7 @@ let detectedDownloadsSummary =
 DeviceFileEvents
 | where isnotempty(FileOriginUrl)
 | project FileName, FileOriginUrl, DeviceId, Timestamp,
- Host=tostring(parse_url(FileOriginUrl).Host)
+ Host=tostring(parse_url(FileOriginUrl).Host), SHA1
 // Filter downloads from hosts serving detected files
 | join kind=inner(detectedDownloadsSummary) on Host
 // Filter out download file create events that were also detected.
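Review bot: The `SHA1` column added to the `project` line is carried through both joins with no comment saying what it is for, and nothing accounts for rows where the hash is empty, which file events can presumably produce when no hash was computed. If the intent is to let an analyst pivot from the related downloads to other tables by file hash, say so above the `project`, e.g. `// Keep SHA1 so results can be pivoted by file hash; it may be empty for some events`, and have any later hash pivot filter with `isnotempty(SHA1)`. Separately, the `Host` key built on the same line is matched as an exact string by `join kind=inner(detectedDownloadsSummary) on Host`, so it is worth confirming both sides normalise case the same way (for instance `tolower(...)` on each); the `detectedDownloadsSummary` definition sits outside this hunk, so that cannot be checked from here.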