Title: The Definitive Guide to KQL: Using Kusto Query Language for operations, defending, and threat hunting (Early Release)
Author: Mark Morowczynski, Rod Trent, Matthew Zorich
Publisher: Microsoft Press/Pearson Education
Year: 2024
Pages: 496
Language: English
Format: epub
Size: 58.4 MB
KQL is a powerful query language that helps analyze large volumes of structured, semi-structured, and unstructured data. KQL has built-in operators and functions that let a user analyze data to find trends, patterns, and anomalies, create forecasts, and apply machine learning. KQL underpins a variety of Microsoft cloud products: Microsoft Sentinel, Azure Data Explorer, Microsoft 365 Advanced Hunting, Azure Resource Graph, Azure Monitor and more. KQL also has similarities with SQL. KQL lets you write data queries and control commands for the database and the database tables.

The Kusto Query Language, or KQL, is one of the foundational technologies for IT professionals, security team members, and really anyone who is leveraging the Microsoft Azure platform. If you want to turn data into insights and action, you'll need to use KQL. What do we mean by that? There is a tremendous amount of data being generated by your Azure resources.

Where is KQL used? KQL is used everywhere in Azure! More than 150 services (including applications, IaaS workloads, infrastructure, and the Azure platform itself) can send their data to Azure Monitor. And we can query all of it with KQL.