- Module 1: Learn about the basics of Kusto Query Language (KQL), and the various Microsoft products that use it.
By the end of this module, you'll be able to:
- Identify common elements of a query
- Describe key features of a Kusto Query Language (KQL) query
- Describe the different environments in which you can use KQL
- Module 2: Learn how to write simple queries in Kusto Query Language (KQL) by using the operators take, project, count, where, and sort.
By the end of this module, you'll be able to:
- Write your first query with KQL.
- Use KQL to explore data by using the most common operators.
- Module 3: Learn how to write advanced queries in Kusto Query Language (KQL) by using the aggregation functions, the render operator, and variables.
By the end of this module, you'll be able to:
- Use the Kusto Query Language to gain insights from your data by using the aggregation functions count, dcount, countif, sum, min, max, avg, percentiles, and others
- Communicate query results visually using the render operator
- Assign variables by using a let statement
- Module 4: Learn how to write Kusto Query Language (KQL) queries to combine and retrieve data from two or more tables by using the `lookup`, `join`, and `union` operators.
By the end of this module, you'll be able to:
- Use Kusto Query Language to combine and retrieve data from two or more tables by using the lookup, join, and union operators.
- Optimize multi-table queries by using the materialize operator to cache table data.
- Enrich your insights by using the new aggregation functions arg_min and arg_max.
- Module 5: Use Azure Monitor logs to extract valuable information about your infrastructure from log data.
In this module, you'll:
- Identify the features and capabilities of Azure Monitor logs.
- Create basic Azure Monitor log queries to extract information from log data.
- Module 6: Write log queries to gain insights into your business, IT operations and performance. Use Kusto Query Language (KQL) to extract log data in Azure Monitor Log Analytics.
In this module, you'll practice how to:
- Analyze log data based on specific business and operational questions.
- Write KQL queries to extract the data you need from logs in Azure Monitor.
Overview
Syllabus
- Module 1: Module 1: Explore the fundamentals of data analysis using Kusto Query Language (KQL)
- Introduction
- Query language basics
- KQL query environments
- How a KQL query is built
- Exercise: Sample queries
- Types of KQL queries
- Exercise: Different types of KQL queries
- Knowledge check
- Summary
- Module 2: Module 2: Write your first query with Kusto Query Language
- Introduction
- Understand the basic structure of a Kusto query
- Exercise - Connect to resources
- Exercise - Return a specific number of rows by using the take operator
- Exercise - Select columns to return by using the project operator
- Exercise - Filter data by using the where operator
- Exercise - Reorder returned data by using the sort operator
- Challenge
- Solution
- Knowledge check
- Summary
- Module 3: Module 3: Gain insights from your data by using Kusto Query Language
- Introduction
- Group data using aggregate functions
- Exercise - Connect to resources
- Exercise - Count events using the count function
- Exercise - Visualize data with the render operator
- Exercise - Summarize data using aggregate functions
- Exercise - Introduce variables using the let statement
- Challenge
- Solution
- Knowledge check
- Summary
- Module 4: Module 4: Write multi-table queries by using Kusto Query Language
- Introduction
- Combine and optimize data
- Exercise - Connect to resources
- Exercise - Combine table results by using the join operator
- Exercise - Combine table results by using the lookup operator
- Exercise - Combine table results by using the union operator
- Exercise - Optimize queries by using the materialize function
- Knowledge check
- Summary
- Module 5: Module 5: Analyze your Azure infrastructure by using Azure Monitor logs
- Introduction
- Features of Azure Monitor logs
- Create basic Azure Monitor log queries to extract information from log data
- Exercise - Create basic Azure Monitor log queries to extract information from log data
- Summary
- Module 6: Module 6: Guided project - Analyze logs in Azure Monitor with KQL
- Introduction
- Prepare
- Exercise - List recently active virtual machines that stopped sending logs
- Exercise - Identify machines with high CPU usage
- Exercise - Summarize free space statistics by computer
- Knowledge check
- Summary