First, thank you GitBook as a supporter. We are using GitBook to write these KQL examples here as a team. You can also provide feedback or submit issues on our Github https://github.com/MSEndpointMgr/Gitbook-KQL
In this chapter, we will show some examples that we use frequently to help you start using KQL
If you don't have any data that you can use, you can log in to KQL Playground https://aka.ms/LAdemo and use that in your practics.
Where and how did I start to learn this? Here is our list of where you can begin.
- Blog: MSEndpointMgr.com
- Blog: Become a KQL Ninja by Huy Kha
- Blog: Kusto King by Gianni Castaldi
- Blog: Azure Cloud & AI Domain Blog
- Blog: Must Learn KQL by Rod Trent
- Blog: CloudSMA by Billy York
- Microsoft Doc: Log Analytics tutorial
- Microsoft Doc: Log queries in Azure Monitor
Azure Monitor workbook provides rich visual reports in Azure Portal and gives you a real-time and interactive experience. In addition, workbooks can query data from multiple sources within Azure, and combine all these data from different sources into a single report.
Here is my collection of where I begin to learn to create my first workbook
- Blog: Azure Sentinel Workbooks 101 by Scott Muniz
- Video: How to build Azure Workbooks using logs and parameters | Azure Portal Series
- Blog: Azure Automation Update Management Workbook by Billy York
- Blog: Using Azure Monitor Workbooks to document your Azure resources by Mathieu Buisson
- Microsoft Doc: Azure Monitor Workbooks
- Blog: MSEndpointMgr.com
This software is created by MSEndpointMgr and it is distributed under the MIT License.