hands-on lab

Introduction to Kusto Query Language (KQL)

Intermediate
1h
442
4.6/5
Get guided in a real environmentPractice with a step-by-step scenario in a real, provisioned environment.
Learn and validateUse validations to check your solutions every step of the way.
See resultsTrack your knowledge and monitor your progress.
Lab description

Kusto Query Language (KQL) is a powerful pipeline-driven, read-only query language that enables the queries against the Azure logs to be easier and straightforward. It will look very familiar if you've ever worked with a structured query language (SQL). A big reason companies use KQL to query logs is its ability to be easy to read, author, and automate. KQL is also supported to query not just Azure Log Analytics but also works with the Azure Data Explorer to analyze a really high volume of data.

In this hands-on lab, you will learn the basics about the KQL query language and explore the operators used to filter and transform the log data to make it usable and actionable for the security and operations team.

Learning Objectives

Upon completion of this intermediate-level lab, you will be able to:

  • Understand KQL query language basics
  • Use operators in KQL to filter and transform logs
  • Use built-in JSON functions to transform data
  • Render the log data using Charts

Intended Audience

  • Candidates for Azure Administrator Exam
  • Cloud Architects
  • Data Engineers
  • Software Engineers

Prerequisites

Familiarity with the following will be beneficial but is not required:

  • Azure Log Analytics
  • Understanding SQL or similar query commands

The following lab can be used to fulfill the prerequisite:

Environment before
Environment after
About the author
Avatar
Parveen Singh
Cloud Lab Developer
Students
13,879
Labs
94
Courses
1
Learning paths
3

Parveen is an Azure advocate with previous experience in the professional consulting services industries. He specializes in infrastructure and DevOps with a wide range of knowledge in security and access management. He is also an Azure Certified - DevOps Engineer Expert, Security Engineer, Developer Associate, Administrator Associate, CompTIA Certified - Network+, Security+, and AWS Cloud Practitioner.
Parveen enjoys writing about cloud technologies and sharing the knowledge with the community to help students upskill in the cloud.

Covered topics
Lab steps
Logging in to the Microsoft Azure Portal
Exploring Kusto Query Language Commands