The Definitive Guide to KQL: Using Kusto Query Language for operations, defending, and threat hunting

Chapter 1 Introduction and Fundamentals

After completing this chapter, you will be able to:

Set up the KQL environment and understand the KQL language syntax
Search, filter, and manipulate data with KQL
Use time operators

Why You Need to Learn KQL

At the 2010 Microsoft Tech Ed conference held in New Orleans, Louisiana, Microsoft MVP Don Jones famously said in his presentation, your choice is to learn PowerShell or be ready to ask, “Would you like fries with that?’” The spirit of what Jones was trying to get across then wasn’t new in 2010, and it’s certainly not new today. The modern IT professional must learn various technologies; you will limit your career if you don’t learn them. You will forever rely on someone with that skill; even worse, ...

Get The Definitive Guide to KQL: Using Kusto Query Language for operations, defending, and threat hunting now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

The Definitive Guide to KQL: Using Kusto Query Language for operations, defending, and threat hunting by Mark Morowczynski, Rod Trent, Matthew Zorich

Chapter 1

Introduction and Fundamentals

Why You Need to Learn KQL

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly