sameer fakhoury
6.4 Work with data in Microsoft Sentinel using Kusto Query Language

  • wwlpublish Work with data in Microsoft Sentinel using Kusto Query Language - Training
  • Learn to use Kusto Query Language (KQL) to manipulate string data from log sources. You'll be able to extract data from both unstructured and structured string fields and create functions using KQL.

Introduction

Extract data from unstructured string fields

Extract data from structured string data

Integrate external data → Reading

Create parsers with functions

Knowledge check

Summary and resources

©sameer fakhoury