在日志分析工作区下协助 KQL

ConfigurationChange
| where ConfigChangeType == "WindowsServices"
and SvcState == "Stopped"
and (
Computer has "NET-SQL2.networkhg.org.uk"
or Computer has "NET-SQL3.networkhg.org.uk"
or Computer has "NET-GISSQL1.networkhg.org.uk"
or Computer has "NET-CALSQL.networkhg.org.uk"
)
and (
SvcDisplayName == "SQL Full-text Filter Daemon Launcher (TEST)"
or SvcDisplayName == "SQL Full-text Filter Daemon Launcher (MSSQLSERVER)"
or SvcDisplayName == "SQL Full-text Filter Daemon Launcher (SQLEXPRESS)"
or SvcDisplayName == " SQL Server (MSSQLSERVER)"
or SvcDisplayName == "SQL Server (Test) "
or SvcDisplayName == "SQL Server Agent (MSSQLSERVER)"
or SvcDisplayName == "SQL Server Agent (Test)"
or SvcDisplayName == "SQL Server Browser"
or SvcDisplayName == "SQL Server Integration Services 10.0"
or SvcDisplayName == "SQL Full-text Filter Daemon Launcher (FIDO)"
or SvcDisplayName == "SQL Full-text Filter Daemon Launcher (SUN)"
or SvcDisplayName == "SQL Server (FIDO)"
or SvcDisplayName == "SQL Server (SUN)"
or SvcDisplayName == "SQL Server Agent (FIDO)"
or SvcDisplayName == "SQL Server VSS Writer"
or SvcDisplayName == " SQL Server Integration Services 11.0"
or SvcDisplayName == "SQL Server Reporting Services (MSSQLSERVER)"
or SvcDisplayName == "SQL Server Reporting Services (SQLEXPRESS)"
or SvcDisplayName == "SQL Server Analysis Services (MSSQLSERVER)"
)

要问的问题，如果其中一个服务在上述任何服务器中停止，我会收到有关该服务器的电子邮件还是将列出所有服务器