Specific components and supporting technologies
As we have covered in this book, Azure Sentinel is built upon the Log Analytics platform, part of Azure Monitor, and uses KQL for its queries; it also integrates with Jupyter Notebooks, Flow, and Logic Apps, and has machine learning capabilities. Mastering Azure Sentinel requires growing your skills in each of these areas. The following are some of our top picks for the resources available today. You may find many more by joining the communities or forming your own special-interest groups.
Kusto Query Language
In Chapter 5, Using the Kusto Query Language (KQL), we introduced KQL, and in Chapter 6, Azure Sentinel Logs and Writing Queries, we showed how to use it to query logs within Azure Sentinel. However, you will probably need to keep learning this language in order to write more useful queries and apply advanced techniques to fine-tune your results.
For the official KQL documentation, go to the following link: https://docs.microsoft.com...