KQL Framwork explained
Microsoft Sentinel Webinar | KQL Framework for Microsoft Sentinel – Empowering You to Become KQL-Savvy Presenter(s): Innocent Wafula, Jeremy Tan, & Prateek Taneja The Kusto Query Language (KQL) is widely used for monitoring and cybersecurity security use-cases. As such, it is fundamental to deriving value from Microsoft Sentinel as a SIEM solution. Join us for this webinar to learn how you can leverage the new purpose-built workbook designed to simplify your learning of KQL, focusing on advanced security scenarios in Microsoft Sentinel. To ensure you hear about future Microsoft Sentinel webinars and other developments, make sure you join our community by going to https://aka.ms/SecurityCommunity
The workbook will be available soon in Microsoft Sentinel, but when you want to start today, you can download the Workbook at the Azure Github repository.
https://github.com/Azure/Azure-Sentinel/blob/master/Workbooks/AdvancedKQL.json
Have fun and enjoy Microsoft Sentinel