Create Kusto (KQL) queries
Log Analytics in Azure Monitor supports the Kusto Query Language (KQL). The KQL syntax helps you quickly and easily create simple or complex queries to retrieve and consolidate your monitoring data in the repository.
Write KQL log queries for Azure Monitor
Watch the following video to learn how to write KQL log queries with Log Analytics in Azure Monitor. The video covers the following concepts:
- View table data in the Azure Monitor Logs repository
- Create simple and complex queries
- Filter and summarize search results
- Add visualizations for search results
In the next unit, we take a closer look at how to structure a KQL query.
Things to consider when using KQL queries
Here are some of the many things you can accomplish with KQL log queries in Log Analytics:
Create and save searches of your data stored in the Azure Monitor Logs repository.
Use your saved log searches to directly analyze your data in the Azure portal.
Configure your saved log searches to run automatically.
Configure your saved log searches to produce notification alerts.
Add visualizations for your saved log searches to see graphical views of your environment health.
Export your data from the repository into tools like Power BI or Excel to analyze your data outside of Log Analytics.
Build custom query solutions with the Log Analytics REST API.