Import under "Windows Server Update Services Analytics."
Based on the KBs and Security Bulletin listed in this article from Microsoft:
Hoping this helps someone out there make sure their environment doesn't get hit by the latest in exciting ransomware.
A sample LEM rule for identifying suspicious activity from WanaCrypt can be found here: WanaCrypt v1 Detection Rule
UPDATE: I worked with one of the Support guys, and he pointed out I had a couple problems with the query that resulted in some environments getting many, many bytes in their TempDB. This has now been fixed, so download version 2 and see if it works better!