Summary and resources

You should have learned how basic KQL statement structure provides the foundation to build more complex statements.

You should now be able to:

  • Construct KQL statements
  • Search log files for security events using KQL
  • Filter searches based on event time, severity, domain, and other relevant data using KQL

Learn more

You can learn more by reviewing the following resources:

KQL quick reference | Microsoft Learn

Microsoft Tech Community Security Webinars

Become a Microsoft Sentinel Ninja