KUSTO Query Language

If you want to address security within the Microsoft Azure environment, and especially if you implement and use services such as Azure Monitor (Application Insights, Log Analytics), use Data Lake, or detect and hunt a hacker using Azure Sentinel or Microsoft Defender for Endpoint, then without Kusto language You can't bypass Query Language. At the training, we will show you all the commands, the composition of the query and you will learn the techniques that are necessary for the construction of complex correlation rules. During the training, we will prepare these correlation rules and then adapt them to Azure Workbooks and Azure Dashboard or connect them to the Open source Grafana tool. 

Basic analytical knowledge, basic knowledge of database schema and possibly knowledge of object-oriented programming and data communication.

The course is intended for analysts who set correlation rules within Microsoft security technologies, or may be a suitable basis for deep hunting in the Microsoft cloud environment.

• Kusto Query Language Commands
• Song query
• Acquisition of techniques for the construction of correlation rules
• Preparation and adaptation of correlation rules to Azure Workbooks and Azure Dashboard, etc. 

Materials in electronic form.

Introduction to Kusto Query Language, a tool for correlation and data analytics not only in the Azure Sentinel.