wwlpublish Work with data in Microsoft Sentinel using Kusto Query Language - Training
- Learn to use Kusto Query Language (KQL) to manipulate
stringdata from log sources. You'll be able toextractdata from bothunstructuredandstructuredstring fields and create functions using KQL.
‣
Introduction
‣
Extract data from unstructured string fields
‣
Extract data from structured string data
‣
Integrate external data → Reading
‣
Create parsers with functions
‣
Knowledge check
‣