Episode

FastTrack for Azure Season 2 Ep16: Introduction to Kusto Query Language

with Vanessa Bruwer, Saul Dolgin

Learn Live

In this session, learn how to write queries in Kusto Query Language (KQL) in the context of Azure Monitor and Microsoft Sentinel. We will cover best practices, design, how to create queries in the interface and leveraging scalar/aggregation functions and much more.

Learning objectives

• Introduction to KQL
• Syntax and basic operations
• Advanced operations such as join and parse

Chapters

• 00:00 - Introduction
• 01:19 - Learning resources
• 01:49 - Learning objectives
• 04:32 - Getting started
• 04:59 - Navigating the interface
• 11:14 - Query writing tips and tricks
• 13:18 - Writing your first query
• 14:35 - Filtering and sorting
• 24:13 - Aggregation and scalar functions
• 37:33 - Rendering graphs
• 47:17 - Joining queries
• 01:01:05 - Parsing text
• 01:16:30 - Queries in Azure Resource Graph
• 01:27:38 - Wrap-up summary

Recommended resources

• Session documentation: Getting started with Kusto Query Language

Related episodes

• Full series: Learn Live: FastTrack for Azure Season 2

Connect

• Vanessa Bruwer | LinkedIn: in/vanessa-bruwer/
• Saul Dolgin | LinkedIn: in/sdolgin/

In this session, learn how to write queries in Kusto Query Language (KQL) in the context of Azure Monitor and Microsoft Sentinel. We will cover best practices, design, how to create queries in the interface and leveraging scalar/aggregation functions and much more.

Learning objectives

• Introduction to KQL
• Syntax and basic operations
• Advanced operations such as join and parse

Chapters

• 00:00 - Introduction
• 01:19 - Learning resources
• 01:49 - Learning objectives
• 04:32 - Getting started
• 04:59 - Navigating the interface
• 11:14 - Query writing tips and tricks
• 13:18 - Writing your first query
• 14:35 - Filtering and sorting
• 24:13 - Aggregation and scalar functions
• 37:33 - Rendering graphs
• 47:17 - Joining queries
• 01:01:05 - Parsing text
• 01:16:30 - Queries in Azure Resource Graph
• 01:27:38 - Wrap-up summary

Recommended resources

• Session documentation: Getting started with Kusto Query Language

Related episodes

• Full series: Learn Live: FastTrack for Azure Season 2

Connect

• Vanessa Bruwer | LinkedIn: in/vanessa-bruwer/
• Saul Dolgin | LinkedIn: in/sdolgin/

Video URL

Start at time

HTML iframe

Player size

1920 x 1080 1280 x 720 640 x 360

Start at time

Intermediate

Solution Architect

Developer

Azure Monitor

Azure Resource Graph

Microsoft Sentinel

Kusto