The Definitive Guide to KQL: Using Kusto Query Language for operations, defending, and threat hunting

by Mark Morowczynski, Rod Trent, Matthew Zorich
June 2024
Content level: Intermediate to advanced
480 pages
15h 11m
English
Microsoft Press
Content preview from The Definitive Guide to KQL: Using Kusto Query Language for operations, defending, and threat hunting

Chapter 1

Introduction and Fundamentals

After completing this chapter, you will be able to:

  • Set up the KQL environment and understand the KQL language syntax

  • Search, filter, and manipulate data with KQL

  • Use time operators

Why You Need to Learn KQL

At the 2010 Microsoft Tech Ed conference held in New Orleans, Louisiana, Microsoft MVP Don Jones famously said in his presentation, “Your choice is to learn PowerShell or be ready to ask, ‘Would you like fries with that?’” The spirit of what Jones was trying to get across then wasn’t new in 2010, and it’s certainly not new today. The modern IT professional must learn various technologies; you will limit your career if you don’t learn them. You will forever rely on someone with that skill; even worse, ...



Publisher Resources

ISBN: 9780138293482