Register your product to gain access to bonus material or receive a coupon.
The Definitive Guide to KQL: Using Kusto Query Language for operations, defending, and threat hunting
- By Mark Morowczynski, Rod Trent, Matthew Zorich
- Published May 14, 2024 by Microsoft Press. Part of the Business Skills series.
Best Value Purchase
Book + eBook Bundle
- Your Price: $56.79
- List Price: $97.98
- Includes EPUB and PDF
- About eBook Formats
This eBook includes the following formats, accessible from your Account page after purchase:
EPUB
The open industry format known for its reflowable content and usability on supported mobile devices.
PDF
The popular standard, used most often with the free Acrobat® Reader® software.
This eBook requires no passwords or activation to read. We customize your eBook by discreetly watermarking it with your name, making it uniquely yours.
More Purchase Options
eBook
- Your Price: $38.39
- List Price: $47.99
- Includes EPUB and PDF
- About eBook Formats
This eBook includes the following formats, accessible from your Account page after purchase:
EPUB
The open industry format known for its reflowable content and usability on supported mobile devices.
PDF
The popular standard, used most often with the free Acrobat® Reader® software.
This eBook requires no passwords or activation to read. We customize your eBook by discreetly watermarking it with your name, making it uniquely yours.
Description
- Copyright 2024
- Dimensions: 7-3/8" x 9-1/8"
- Pages: 480
- Edition: 1st
- Book
- ISBN-10: 0-13-829338-4
- ISBN-13: 978-0-13-829338-3
Turn the avalanche of raw data from Azure Data Explorer, Azure Monitor, Microsoft Sentinel, and other Microsoft data platforms into actionable intelligence with KQL (Kusto Query Language). Experts in information security and analysis guide you through what it takes to automate your approach to risk assessment and remediation, speeding up detection time while reducing manual work using KQL. This accessible and practical guidedesigned for a broad range of people with varying experience in KQLwill quickly make KQL second nature for information security.
Solve real problems with Kusto Query Language and build your competitive advantage:
- Learn the fundamentals of KQLwhat it is and where it is used
- Examine the anatomy of a KQL query
- Understand why data summation and aggregation is important
- See examples of data summation, including count, countif, and dcount
- Learn the benefits of moving from raw data ingestion to a more automated approach for security operations
- Unlock how to write efficient and effective queries
- Work with advanced KQL operators, advanced data strings, and multivalued strings
- Explore KQL for day-to-day admin tasks, performance, and troubleshooting
- Use KQL across Azure, including app services and function apps
- Delve into defending and threat hunting using KQL
- Recognize indicators of compromise and anomaly detection
- Learn to access and contribute to hunting queries via GitHub and workbooks via Microsoft Entra ID
Downloads
Downloads
Follow the instructions to download this book's lesson files.
- Click the Download button below to start the download.
- If prompted, click Save.
- Locate the .zip file on your computer. Right-click the file, click Extract All, and then follow the instructions.
Sample Content
Sample Pages
Download the sample pages (includes Chapter 2 pages 65-98)
Table of Contents
Foreword by Ann Johnson
CHAPTER 1 Introduction and Fundamentals
CHAPTER 2 Data Aggregation
CHAPTER 3 Unlocking Insights with Advanced KQL Operators
CHAPTER 4 Operational Excellence with KQL
CHAPTER 5 KQL for CybersecurityDefending and Threat Hunting
CHAPTER 6 Advanced KQL Cybersecurity Use Cases and Operators