Introduction

Completed

Kusto Query Language (KQL) lets you extract meaningful insights from the log data you collect in Azure Monitor Logs.

Example scenario

You're a data scientist at a retail chain that uses Azure Monitor to monitor its computers.

The chain is expanding and, with the growing number of transactions at and between stores, the company has experienced some computer performance issues. Your IT team has noticed recurring issues related to virtual machines with high CPU usage and insufficient free space.

You want to identify current issues and mitigate future problems with the computers running in the chain's stores.

What will we be doing?

Here, you'll use KQL to answer operational and business questions by interpreting and summarizing log data:

  • Define analysis goals: Determine which questions you want to answer and what information will provide you with the answers you need.
  • Explore and assess logs: Examine the logs you've collected in your Log Analytics workspace and identify the data relevant to your inquiry.
  • Extract and summarize insights: Run KQL queries to extract answers to the questions you defined as your analysis goals.

What is the main goal?

By the end of this session, you'll be able to translate data in Azure Monitor Logs into operational and business insights using KQL queries.