You need to use Kusto query in Azure Log Analytics workspace. What does the query start with?

Experience Level: Junior
Tags: Azure CloudAzure Log Analytics WorkspaceAzure Sentinel

Answer

  • It can start with a name of the table
  • or it can start with search in

Warning: Search queries are typically slower than table-based queries because they have to process more data.

Example:

Event |
take 10

Example 2:

search in (Event) "sometext" |
take 10 


Related Azure Cloud job interview questions

Comments

No Comments Yet.
Be the first to tell us what you think.
Azure Sentinel
Azure Sentinel

Are you learning Azure Cloud ? Try our test we designed to help you progress faster.

Test yourself
AZ-104 Microsoft Azure Administrator Preparation
AZ-104 Microsoft Azure Administrator Preparation

Are you learning Azure Cloud ? Try our test we designed to help you progress faster.

Test yourself
AZ-500 Microsoft Azure Security Technologies Preparation
AZ-500 Microsoft Azure Security Technologies Preparation

Are you learning Azure Cloud ? Try our test we designed to help you progress faster.

Test yourself
Azure Log Analytics Workspace
Azure Log Analytics Workspace

Are you learning Azure Cloud ? Try our test we designed to help you progress faster.

Test yourself