Analyze query results using KQL

Security Operations Analyst
Microsoft Sentinel
Azure Log Analytics

Learn how to summarize and visualize data with a KQL statement provides the foundation to build detections in Microsoft Sentinel.

Learning objectives

Upon completion of this module, the learner will be able to:

  • Summarize data using KQL statements
  • Render visualizations using KQL statements


  • Familiarity with security operations in an organization.
  • Basic experience with Azure services.