Welcome to KQL: A Gateway to Microsoft Sentinel. KQL is a simple query language used across multiple products like Azure Log Analytics, Microsoft Sentinel, and Azure Resource Graph to read structured & unstructured data.
In this book, we will focus on how to get started with KQL while using Microsoft Sentinel. With the help of this book, you will gain a basic understanding of Kusto Query Language and learn a framework to build your own queries. It is written as a reference for you to start writing and continue to evolve your KQL queries. The building blocks explained are:
- Quick Start
- Go for a quick result
- Filter for better results
- Leverage the joins
- Summarize for perspective
- Save & Reuse
- Apply the visual
- Build the use case
This book will be a myth buster on your KQL journey.
Details
- Publication Date: Oct 8, 2023
- Language: English
- ISBN: 9781312032569
- Category: Computers & Technology
- Copyright: All Rights Reserved - Standard Copyright License
- Contributors: By (author): Samik Roy
Specifications
- Format