Skip to content

rod-trent/MustLearnKQL

Repository files navigation

Must Learn KQL - the blog series, the book, the video channel, the merch store, the workshop, and much more...

Must Learn KQL

This repository contains the code, queries, and eBook included as part of the MustLearnKQL series. The series is a continuing effort to discuss and educate about the power and simplicity of the Kusto Query Language.

The eBook (PDF) is updated whenever changes are made or new parts of the series are released. Get the book: https://github.com/rod-trent/MustLearnKQL/tree/main/Book_Version

Want a paperback version of the book? You can order a copy from Amazon.com: https://amzn.to/39maJSX - (as with the merch below, all profit goes directly to St. Jude)

There's a YouTube channel for the Must Learn KQL series. My colleague, David Hall, is taking the series and producing follow-along videos: Follow that here: https://youtu.be/rcy2uSMLyqo

Love the series so much you want a coffee mug? There's now a merch store where all proceeds go to St. Jude Children's Research Hospital. Check it out! MUST LEARN STORE

The series has it's own shortlink. To return back here, just remember the easy URL: https://aka.ms/MustLearnKQL

Must Learn KQL is always evolving and updating. Curious about what's new and exciting? Monitor the What's New page

Looking for Advanced topics and a fun way to learn them? Check out the The KQL Mysteries series: http://aka.ms/KQLMysteries

Table of Contents

The following are links to the entire series so far:

* Must Learn KQL Part 1: Tools and Resources - Posted November 17, 2021 - Video Edition
* Must Learn KQL Part 2: Just Above Sea Level - Posted November 18, 2021
* Must Learn KQL Part 3: Workflow - Posted November 19, 2021 - Video Edition
* Must Learn KQL Part 4: Search for Fun and Profit - Posted November 22, 2021
* Must Learn KQL Part 5: Turn Search into Workflow - Posted November 29, 2021 - Video Edition
* Must Learn KQL Part 6: Interface Intimacy - Posted December 2, 2021, Updated May 13, 2022 - Video Edition
* Must Learn KQL Part 7: Schema Talk - Posted December 7, 2021 - Video Edition
* Must Learn KQL Part 8: The Where Operator - Posted December 8, 2021 - Video Edition
* Must Learn KQL Part 9: The Limit/Take Operators - Posted December 13, 2021 - Video Edition
* Must Learn KQL Part 10: The Count Operator - Posted December 14, 2021 - Video Edition
* Must Learn KQL Part 11: The Summarize Operator - Posted January 5, 2022 - Video Edition
* Must Learn KQL Part 12: The Render Operator (with Bin and Time) - Posted January 10, 2022 - Video Edition
* Must Learn KQL Part 13: The Extend Operator - Posted January 18, 2022 - Video Edition
* Must Learn KQL Part 14: The Project Operator - Posted January 20, 2022 - Video Edition
* Must Learn KQL Part 15: The Distinct Operator - Posted January 24, 2022 - Video Edition
* Must Learn KQL Part 16: The Order/Sort and Top Operators - Posted January 26, 2022 - Video Edition
* Must Learn KQL Part 17: The Let Statement - Posted February 1, 2022 - Video Edition
* Must Learn KQL Part 18: The Union Operator - Posted February 7, 2022 - Video Edition
* Must Learn KQL Part 19: The Join Operator - Posted February 14, 2022 - Video Edition
* Must Learn KQL Part 20: Building your first Microsoft Sentinel Analytics Rule - Posted February 17, 2022 - Video Edition


Did you complete the entire series?!! Well, congratulations! When you're ready, take the assessment and receive a bona fide certificate!

The assessment is 25 questions taken directly from the Must Learn KQL series. So, you can take advantage of the open book test, or challenge yourself by attempting to pass without help. Based on the honor system, you can miss 5 questions (80%). Once completed, send an email request to [email protected] and request your certificate.

Take the assessment: Must Learn KQL Assessment (https://aka.ms/PassMustLearnKQL)



March 12, 2024. Happy 10th birthday, KQL!

Happy Birthday, KQL!





Must Learn KQL

About

Code included as part of the MustLearnKQL blog series

Resources

License

Code of conduct

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published