SC-200: Create queries for Microsoft Sentinel using Kusto Query Language (KQL)

SC-200: Create queries for Microsoft Sentinel using Kusto Query Language (KQL)

Write Kusto Query Language (KQL) statements to query log data to perform detections, analysis, and reporting in Microsoft Sentinel. This learning path will focus on the most used operators. The example KQL statements will showcase security related table queries.

Security Operations Analyst
Azure
Sentinel

Related Modules

Analyze query results using KQL
module
Host your domain on Azure DNS
Intermediate   MS Learn
Azure
Sentinel
Build multi-table statements using KQL
module
Host your domain on Azure DNS
Intermediate   MS Learn
Azure
Sentinel
Construct KQL statements for Microsoft Sentinel
module
Host your domain on Azure DNS
Intermediate   MS Learn
Azure
Sentinel
Work with data in Microsoft Sentinel using Kusto Query Language
module
Host your domain on Azure DNS
Intermediate   MS Learn
Sentinel