Back to all modules

KQL

KQL icon

Get hands-on with analysing security logs to detect and investigate threats efficiently using KQL.

Kusto Query Language (KQL) is a highly efficient, read-only query language used in various Microsoft services, such as Azure Data Explorer, Azure Monitor, and Microsoft Sentinel. This makes it accessible to analysts, developers, and IT professionals for querying log data. This module will help you become more comfortable using KQL query syntax, from basic to advanced level queries, to analyze logs from different sources and detect anomalies using various KQL operators and functions.

KQL icon
image

0%

KQL (Kusto): Introduction

This room introduces you to Kusto Query Language and provides an overview of Microsoft Sentinel.

image

0%

KQL (Kusto): Basic Queries

This room is designed to work you through basic KQL queries for analyzing security logs.

image

0%

KQL (Kusto): Advanced Queries

Learn about advanced KQL queries and how to leverage the power of Microsoft KQL.

What are modules?

A learning pathway is made up of modules, and a module is made of bite-sized rooms (think of a room like a mini security lab).

Module tree diagram

We use cookies to ensure you get the best user experience. For more information contact us.

Read more