Register your product to gain access to bonus material or receive a coupon.
This eBook includes the following formats, accessible from your Account page after purchase:
EPUB The open industry format known for its reflowable content and usability on supported mobile devices.
PDF The popular standard, used most often with the free Acrobat® Reader® software.
This eBook requires no passwords or activation to read. We customize your eBook by discreetly watermarking it with your name, making it uniquely yours.
This eBook includes the following formats, accessible from your Account page after purchase:
EPUB The open industry format known for its reflowable content and usability on supported mobile devices.
PDF The popular standard, used most often with the free Acrobat® Reader® software.
This eBook requires no passwords or activation to read. We customize your eBook by discreetly watermarking it with your name, making it uniquely yours.
Learning KQL is a necessity for system administrators, Azure operators, and security analysts alike, ensuring workloads are monitored to be active, accessible, and secure in the Microsoft Azure cloud platform.
KQL is a powerful query language that helps analyze a large volume of structured, semi structured, and unstructured data. KQL has inbuilt operators and functions that lets a user analyze data to find trends, patterns, anomalies, create forecasting, and machine learning. KQL underpins a variety of Microsoft cloud products—Microsoft Sentinel, Azure Data Explorer, Microsoft 365 Advanced Hunting, Azure Resource Graph, Azure Monitor and more.
This book is designed to be the definitive guide to not only learning KQL but also to using KQL to solve real-world problems. As you learn parts of the language, the authors will show how that can be used to aid with daily operations and security investigations. At the completion of the book, you will have not only learned the language, but also operationalized KQL in your environment.
This topic is important for anyone who manages anything in Azure and any service (AWS, GCP, etc.) being managed through an Azure-based security platform, as well as systems administrators, security consultants, security operations center analysts, and data scientists.
Forward by Ann Johnson
Chapter 1: Introduction and fundamentals
Chapter 2: Data summation and aggregation
Chapter 3: Advanced KQL operators
Chapter 4: Operational excellence with KQL
Chapter 5: Security and threat hunting
Chapter 6: Contributing