Home    Tutorials    IT & Software    Kusto Query Language (KQL) – Part 2

Kusto Query Language (KQL) – Part 2

 Admin0,

A Deeper dive into Azure Data Explorer (ADX) and the Kusto Query Language (KQL)

As mentioned in the course description for Part 1, there is a good chance you have already used Azure Data Explorer (ADX) to some degree without knowing it. If you have used Azure Security Center, Azure Sentinel, Application Insights, Resource Graph Explorer, or enabled diagnostics on your Azure resources, then you have used ADX. All these services rely on Log Analytics, which is built on top of ADX and is queried using KQL.

What you’ll learn

  • A Deeper Dive into Azure Data Explorer over Part 1 of this Series.
  • More coverage of the amazing Kusto Query Language (KQL).
  • Visualizing Data using Dashboards with Azure Data Explorer.
  • Rendering Data with Azure Data Explorer and KQL.
  • Ingesting Data into Azure Data Explorer.
  • Time Series Analysis with KQL.
  • Trend Analysis with KQL.
  • Anomaly Detection and Forecasting with KQL.
  • Machine Learning with KQL.
  • And More….

Course Content

  • Introduction –> 2 lectures • 7min.
  • Azure Data Explorer –> 9 lectures • 2hr.
  • KQL and Time Series Analysis –> 9 lectures • 1hr 16min.
  • KQL and Machine Learning –> 3 lectures • 17min.
  • Miscelleanous –> 8 lectures • 44min.
  • Azure Data Explorer and KQL Updates –> 2 lectures • 11min.
  • Test Your Knowledge –> 1 lecture • 17min.
  • Bonus –> 1 lecture • 1min.

Kusto Query Language (KQL) - Part 2

Requirements

As mentioned in the course description for Part 1, there is a good chance you have already used Azure Data Explorer (ADX) to some degree without knowing it. If you have used Azure Security Center, Azure Sentinel, Application Insights, Resource Graph Explorer, or enabled diagnostics on your Azure resources, then you have used ADX. All these services rely on Log Analytics, which is built on top of ADX and is queried using KQL.

Like many other tools and products, ADX was started by a small group of engineers in Israel around 2015. They needed to solve a problem. A group of developers from Microsoft’s Power BI team needed a high-performing big data solution to ingest and analyze their logging and telemetry data. So, of course, they built their own because they could not find a service that met all their needs. This resulted in the Azure Data Explorer, also known as Kusto.

So, what is ADX? It is a fully managed, append-only columnar store big data service capable of elastic scaling and ingesting literally hundreds of billions of rows daily. ADX offers:

 

  • Low-latency ingestion and elastic scaling
  • Security
  • Cost-efficient (pay as you consume)
  • High availability
  • Time Series Analysis
  • Super fast query performance via KQL
  • Custom built solutions

Part 2 of this series of courses on Azure Data Explorer and KQL goes more deeply into ADX and covers more use cases for the Kusto Query Language. The more deeply you get into KQL the more you realize what an amazing query language it is. And, you will probably start wondering why SQL doesn’t implement many of the features we covered in Part 1 and will cover in Part 2.

Will there be a Part 3? That is up to you. Tell us what you would like to see that we haven’t yet already covered.

Get Tutorial