sentinel-attack
Improve queries performance: replace 'contains' with 'has'
In Kusto (the underlying database engine used for Sentinel), for cases where the full word is looked up, it is better (perf-wise) to use 'has' instead of 'contains'.
See Kusto best query practices: https://docs.microsoft.com/en-us/azure/data-explorer/kusto/query/best-practices
"When using string operators: Prefer has operator over contains when looking for full tokens. has is more performant as it doesn't have to look-up for substrings."
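The two operators are not interchangeable in every detection rule: `has` matches whole terms only, so a rule that relied on `contains` to catch a name embedded in a longer token stops matching after the swap. The query below is an added example, not part of the original issue or the sentinel-attack rules; the `CommandLine` column, the search term and the sample rows are constructed for illustration. It shows how to check a rule's search term against sample data before replacing the operator.

```kusto
// Added example: compare 'contains' and 'has' for one search term
// over constructed rows, and flag the rows where the two disagree.
let Term = "certutil";                       // assumed search term
let Samples = datatable(CommandLine:string)  // constructed sample data
[
    // term appears as a full token, delimited by '\' and '.'
    @"C:\Windows\System32\certutil.exe -urlcache -f http://example.test/a.txt",
    // term is the prefix of a longer token ("certutil2")
    @"C:\Temp\certutil2.exe -decode in.b64 out.bin",
    // term is the suffix of a longer token ("mycertutil")
    @"C:\Users\Public\mycertutil.exe -encode in.bin out.b64",
    // term is a full token in different case (both operators ignore case)
    @"CERTUTIL -hashfile payload.bin SHA256"
];
Samples
| extend ContainsHit = CommandLine contains Term,
         HasHit      = CommandLine has Term
// Rows where Diverges is true are events the rule would stop matching
// if 'contains' were replaced with 'has' without other changes.
| extend Diverges = ContainsHit != HasHit
| project CommandLine, ContainsHit, HasHit, Diverges
| order by Diverges desc
```

Running the same comparison against real historical data for each rule, in place of the `datatable`, shows whether the swap is safe for that rule or whether the term needs to stay on `contains`.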