top of page

WELCOME TO CRONINITY

Woman with Headphones
Clicking on a Tablet
Sleep App
Girl with Tablet
In the Woods
Augmented Reality Glasses
Home: Welcome
Search
brencronin
May 62 min read

Kusto KQL - Part 3D - Operators

KQL Numeric and Comparison Operators KQL provides a standard set of arithmetic and comparison operators used for calculations and filtering: Arithmetic Operators (return numeric values) + Addition - Subtraction * Multiplication / Division % Modulo (remainder) These are commonly used for: Rate calculations (e.g., bytes/sec) Data normalization Threshold comparisons Comparison & Membership Operators (return boolean values) > Greater than < Less than >= Greater tha

 
 
 
brencronin
May 65 min read

Kusto KQL - Part 4 - Variables and Arrays

KQL Essentials: Variables with let and Arrays with dynamic Kusto Query Language (KQL) supports variables using the let statement, which allows you to store values, expressions, or entire subqueries for reuse within a query. This enhances readability, reduces duplication, and improves maintainability of complex queries. Using let to Create Variables The let statement follows this basic format: let VariableName = ExpressionOrValue; Key Components of let statement: let – Keyword

 
 
 
brencronin
May 51 min read

Kusto KQL - Part 3C - Output Displays - Project, Render, Extend

Project Project lets you change values on output. Other options with project are 'project-away', 'project-keep', 'project-rename' (allows you to map an original field to its normalized name. this operator ensures that the field is still managed as a physical field and that handling the field is more performant)., 'project-reorder'. | project FreeGB=CounterValue / 1024 Other project ideas: | project <NewColumnName1> = <ExistingColumnName1>, <NewColumnName2> = <ExistingColumn

 
 
 
brencronin
May 52 min read

Kusto KQL - Part 3B - Sort, Summarize, Count & Distinct

Summarize and Count Simple Sorts: | sort by fieldname asc //or | sort by fieldname desc Simple Summarize: | summarize by fieldname desc Adding summarize and then counting" | summarize count () by fieldname Different example: | summarize count() by columname1, columnname2 | sort by count_ Other option for summarize and count and then filtering the output to only counts over certain limits. | summarize EventCount = count() by fieldname | where EventCount > 1000 To see the 1st v

 
 
 
brencronin
May 53 min read

Kusto KQL - Part 3A - Scalars and String Predicates

Diving into Scalars & String Predicates in KQL Now that we’ve covered how to view table schemas, perform basic searches, and filter logs by time, it’s time to go deeper into scalar operations and string matching in Kusto Query Language (KQL), key building blocks for powerful filtering. Types of KQL Statements Tabular Expressions – Return result sets (e.g., rows/columns from tables). Scalar Expressions – Return single values used in filters, projections, calculations. What Are

 
 
 
brencronin
May 52 min read

Kusto KQL - Part 2 - Dealing with Time

Working with Time in KQL Handling time effectively in Kusto Query Language (KQL) is essential for accurate analysis, efficient data management, and optimized query performance, especially when working in environments like Microsoft Sentinel or Microsoft Defender. Time Filtering Options Most logging platforms, including Microsoft Sentinel, provide a GUI-based datetime picker to filter logs within a specific timeframe. However, you can override the GUI time filter by specifying

 
 
 
brencronin
May 56 min read

Kusto KQL - Part 1 - Overview

Understanding KQL in the Microsoft Data Ecosystem In Microsoft's data ecosystem, KQL stands for Kusto Query Language. The name "Kusto" is a playful nod to Jacques Cousteau, the renowned deep-sea explorer. Just as Cousteau explored the depths of the oceans, KQL enables users to explore the depths of their data with power and precision. It’s worth noting that KQL is sometimes confused with another similarly named language: Kibana Query Language, used for querying data in Elasti

 
 
 
Home: Blog2

CONTACT

500 Terry Francois Street San Francisco, CA 94158

bren_cronin@hotmail.com

123-456-7890

  • Facebook
  • Twitter
  • LinkedIn
Home: Contact
  • Facebook
  • Twitter
  • LinkedIn

©2021 by croninity. Proudly created with Wix.com

bottom of page