Summary and resources
You should have learned how Kusto Query Language (KQL) is the query language used to perform analysis on data to create Analytics, Workbooks, and perform Hunting in Microsoft Sentinel.
You should now be able to:
- Extract data from unstructured string fields using KQL
- Extract data from structured string data using KQL
- Create Functions using KQL
Learn more
You can learn more by reviewing the following.
Microsoft Tech Community Security Webinars
Become an Microsoft Sentinel Ninja