Get 100% OFF Coupon For Learn KQL for Microsoft Sentinel Course
Course Description:
Welcome to KQL for Microsoft Sentinel.
KQL is a simple query language used across a number of products like
Azure Log Analytics
Microsoft Sentinel
Azure Resource Graph
to read & write structured & unstructured data.
Course Structure
In this course we will focus on leveraging KQL for Microsoft Sentinel.
This will walk you through a basic understanding of KQL
- Quick Start
- Go for a quick result
- Filter for better results
- Leverage the joins
- Summarize for perspective
- Save & Reuse
- Apply the visual
- Build the use case
Each section has subsections for easy understanding of the topics.
A quick start begins with searching for a specific phrase -> projecting the required columns -> extending with the additional columns needed.
Now, to get a quick result we use distinct to find unique values -> use count -> use top to display a limited set of results.
To filter for better results: apply the where condition -> apply the TimeGeneated filter
Leverage the joins by learning about the different kinds of joins
Summarize for perspective by Summarize -> make_list -> make_set
Once done, save & reuse by saving as a query or function.
Apply the visual for better visibility.
Start building your use case now with an example.
Outcome at completion
After you successfully complete this course you will be able to build your own KQL query from scratch to finish.
Who is this course for
Whether you’re new to Microsoft Sentinel, Log Analytics or KQL, or you’re already working in a SOC regularly, this course is for you.
Who this course is for:
- Information Scientists