View Event: Kusto Query Language (KQL) and Azure Log Analytics
Kusto is a service for storing and running interactive analytics over Big Data. Kusto was designed from scratch to be a “big data” repository for Azure and easy to query using Kusto Query Language (KQL). As we progress in our migration to the cloud, we are learning new ways to monitor and alert resources and services. Microsoft has consolidated many services under the umbrella of ‘Azure Monitor.’ Whether you are detecting and diagnose issues across applications and dependencies,’ ‘correlate infrastructure issues with Azure Monitor for VMs,’ ‘drill into your SQL database monitoring data with Log Analytics’, you will be using ‘Azure Monitor.’ Azure Monitor uses a version of the KQL used by Azure Data Explorer that is suitable for simple log queries and includes advanced functionality such as aggregations, joins, and smart analytics. As we advance, the KQL must be your primary resource for querying the Azure Monitor log.
This 95% demo session will show you some ‘getting started’ tips and a few sophisticated queries using KQL. We will do a live demo, generating an alert using KQL. We will dive into Kqlmagic, which brings you the benefit of notebooks, data analysis, and rich Python capabilities in the same location against Azure Log Analytics workspace. The demo will also include how to pass variables from Python to Kqlmagic and vice-versa – (Bonus: a sneak preview on parameterization support in notebooks in Azure Data Studio). At the end of this session, beginners will have a solid knowledge about KQL that they can build upon by themselves; others will also learn many advanced operators, including machine learning ones. Come and learn about the future of monitoring and investigations of Azure services.
Leave a Reply