In this article, we learn about Kusto Query Language (KQL). I will explain it in as much detail as I can. Just follow along and read carefully.

Let’s go!

What is Kusto Query Language (KQL)

Kusto is a query language designed for big data workloads, particularly large amounts of data from things like logs and event sources. A Kusto query is a read-only request to process data and return results. KQL is the first-party query language for Kusto clusters used by Azure Data Explorer. A Kusto query is only good for pulling or getting data from the data store.

Kusto query statements

There are three kinds of user query statements:

  • A tabular expression statement
  • A let expression statement
  • A set expression statement

All query statements are separated by a ; (semicolon), and only affect the query at hand.

Tabular expression statement

The tabular expression statement is the most common kind of Kusto query statement. Both its input and output consist of tables or tabular datasets. Tabular statements contain zero or more operators, each of which starts with a tabular input and returns a tabular output. Operators are sequenced by a | (pipe). Data flows, or is piped, from one operator to the next. The data is filtered or manipulated at each step and then fed into the following step.

Let’s look at an example query.

Student                             // table
| where Status == "Active"          // where condition (column names are case-sensitive)
| project Firstname, Lastname,
    Middlename, GradeLevel, Status  // selected columns to display


Let expression statement

You can use the let statement to set a variable name equal to an expression or a function, or to create views.

A let statement in Kusto is just like a CTE in SQL. It can break up a complex expression into multiple parts, each represented by a variable. It can also define constants outside of the query body for readability, and it lets you define a variable once and use it multiple times within a query.

  • Syntax

Syntax for scalar or tabular expressions

  1. let Name = ScalarExpression
  2. let Name = TabularExpression

Let’s look at an example query.

let Studentstatus = "Active";      // initializing the let statement
Student                            // table
| where Status == Studentstatus    // where condition, using the let variable
| project Firstname, Lastname,
    Middlename, GradeLevel, Status // selected columns to display

Or we can do it like this, assigning a tabular expression to a let statement.

let Studentstatus = "Active";       // initializing the let statement
let GetStudentList = (              // the Student query is defined in the GetStudentList variable
Student                             // table
| where Status == Studentstatus     // where condition, using the let variable
| project Firstname, Lastname,      // selected columns to display
    Middlename, GradeLevel, Status
);                                  // every let statement ends with a semicolon
GetStudentList              // displaying the data, no need to specify the columns to view. By default
                            // all available columns defined in the GetStudentList variable will be displayed.

Set statement

The set statement is used to set a query option for the duration of the query. Query options control how a query executes and returns results. They can be Boolean flags (off by default), or have an integer value. A query may contain zero, one, or more set statements. Set statements affect only the tabular expression statements that trail them in the program order. Any two statements must be separated by a semicolon. This statement is rarely used.

  • Syntax
    • set OptionName [= OptionValue]

set querytrace;
Events | take 100
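
The three statement kinds can be combined in a single query. The query below is an added example, not part of the original post: the Student rows are constructed sample data defined inline with datatable so it runs on any cluster, and the variable names TargetStatus, MinGradeLevel and ActiveStudents are made up for illustration.

```kusto
// Constructed sample data; names other than the Student columns are illustrative.
set truncationmaxrecords = 1000;     // set statement: integer-valued query option
let TargetStatus = "Active";         // let statement: scalar expression
let MinGradeLevel = 9;               // let statement: scalar expression
let Student = datatable(Firstname:string, Lastname:string, Middlename:string,
                        GradeLevel:int, Status:string)
[
    "Ana",   "Reyes",  "M", 10, "Active",
    "Ben",   "Cruz",   "L", 8,  "Active",
    "Carla", "Santos", "D", 11, "Inactive",
    "Dino",  "Lopez",  "R", 12, "Active"
];                                   // let statement: tabular expression
let ActiveStudents = Student
    | where Status == TargetStatus;  // let statement: tabular, reuses the scalar variable
ActiveStudents                       // tabular expression statement starts here
| where GradeLevel >= MinGradeLevel  // the scalar variable is used a second time
| summarize Students = count() by GradeLevel
| order by GradeLevel asc
```

Each set and let statement ends with a semicolon, and the set statement comes first so that it applies to the tabular expression statement that trails it.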

Happy learning!

Thank you for visiting my blog site. I hope you learn more here. Please feel free to comment and suggest anything that needs to be enhanced or updated. Thank you.
