Get a 100% Off Coupon for the Learn KQL for Microsoft Sentinel Course


Course Description:

Welcome to KQL for Microsoft Sentinel.

KQL is an easy query language used across a number of products like

Azure Log Analytics

Microsoft Sentinel

Azure Resource Graph

to read & write structured & unstructured data.

Course Structure

In this course we will focus on leveraging KQL for Microsoft Sentinel.

This will walk you through a basic understanding of KQL

  • Quick Start
  • Go for a quick result
  • Filter for better results
  • Leverage the joins
  • Summarize for perspective
  • Save & Reuse
  • Apply the visual
  • Build the use case

Each section has subsections for easy understanding of the topics.

A quick start happens with searching for a specific phrase -> projecting the required columns -> extending the additional columns needed.

Now, to get a quick result we use distinct to find unique values -> use count -> use top to display a limited set of results.

To filter for better results: apply the where condition -> apply the TimeGeneated filter

Leverage the joins by learning about the different kinds of joins

Summarize for perspective by summarize -> make_list -> make_set

Once done, save & reuse by saving as a query or function.

Apply the visual for better visibility.

Start building your use case now with an example.

Result at completion

After you successfully complete this course you will be able to build your own KQL query from scratch to finish.

Who is this course for

Whether you're new to Microsoft Sentinel, Log Analytics or KQL, or you're already working in a SOC regularly, this course is for you.

Who this course is for:

  • Data Scientists