Kusto Gym
By Gianni Castaldi
Welcome to the Kusto Gym,
On your road to become a Kusto Knight, there are some exercises to put the theory into action.
Where do we store the data in Kusto
In the blog post we saw the Azure Data Explorer as example, so for this exercise I want to ask you to go to the Azure Data Explorer demo environment, and do the following:
- What is the display name and the URI of the cluster?
- What is the name of the database?
- What is the name of the external table, and the name of te first column?
- The display name of the cluster is help and the URI is https://help.kusto.windows.net/
- The name of the database is Samples
- The name of the external table is TaxiRides and the first column is trip_Id
In the blog post we saw the different data types in Kusto. For this exercise I want to ask you to go to your Azure Sentinel, and do the following:
- What is the data type of the TenantId value in the SecurityAlert table?
- What are all the data types of the SigninLogs table?
When you do not have access to an Azure Sentinel instance you could also use the Log Analytics Demo environment.