Turn the avalanche of raw data from Azure Data Explorer Azure Monitor Microsoft Sentinel and
other Microsoft data platforms into actionable intelligence with KQL (Kusto Query Language).
Experts in information security and analysis guide you through what it takes to automate your
approach to risk assessment and remediation speeding up detection time while reducing manual
work using KQL. This accessible and practical guidedesigned for a broad range of people with
varying experience in KQLwill quickly make KQL second nature for information security. Solve
real problems with Kusto Query Language and build your competitive advantage: Learn the
fundamentals of KQLwhat it is and where it is used Examine the anatomy of a KQL query
Understand why data summation and aggregation is important See examples of data summation
including count countif and dcount Learn the benefits of moving from raw data ingestion to a
more automated approach for security operations Unlock how to write efficient and effective
queries Work with advanced KQL operators advanced data strings and multivalued strings
Explore KQL for day-to-day admin tasks performance and troubleshooting Use KQL across Azure
including app services and function apps Delve into defending and threat hunting using KQL
Recognize indicators of compromise and anomaly detection Learn to access and contribute to
hunting queries via GitHub and workbooks via Microsoft Entra ID
