$_ cmd

← launcher · browse all

kql

Kusto Query Language:: KQL

/kusto-query-language · /kusto

in plain english

The query language behind Azure Data Explorer, Sentinel, Defender XDR Advanced Hunting, Log Analytics, and Application Insights. SQL-ish but log-focused — pipe operators, time-series functions, and built-in security/operations helpers.

official microsoft definition

A read-only query language for processing data and returning results. Designed to be easy to read and author, especially for users with experience with SQL or other query languages.

plans & eligibility

  • Free to learn and use — included anywhere KQL is exposed (Azure Data Explorer, Sentinel, Log Analytics, Defender, App Insights)
$ open portal → microsoft learn docs →

related on aguidetocloud

verified