In this article, we learn on how to use Where Operator in Kusto Query Language (KQL) , Just follow and ready clearly.

For more updates please do Subscribe via Email:

What is Kusto Query Language (KQL)

Kusto is a query language designed for big data workloads particularly using large amount of data in from things like logs and event sources. Kusto  query is a read-only request to process data and return results. KQL is the first party query language for Kusto cluster used by Azure Data Explorer. Kusto Query is only good for pulling or getting data from the data bank. for more article about Kusto. Please refer this link.

Kusto Query Language (KQL)

Kusto?

Kusto is a query language designed for big data workloads particularly using large amount of data in from things like logs and event sources. Kusto  query is a read-only request to process data and return results. KQL is the first party query language for Kusto cluster used by Azure Data Explorer. Kusto Query is only good for pulling or getting data from the data bank.

Where Operator?

The Where Operator of Kusto is similar as SQL Where operator. The main functionality is to filters a data in the table base on what where declared.

Example

T | where fruit=="Banana"

Syntax

| where Predicate

Arguments

  • T: The tabular input whose records are to be filtered.
  • Predicate: A Boolean expression over the columns of T. It’s evaluated for each row in T.

Returns

Rows in T for which Predicate is true.

Implementation

Logs
| where Timestamp > ago(1h)
and Source == "CodeLife"

Related Topics

Leave a Reply

Your email address will not be published. Required fields are marked *