KQL is quite important in Azure SECOPS domain. Azure Sentinel, Azure Monitor, Defender suite, etc. are powered by KQL .
Sometime when people are new to KQL and they get task on writing query. It could be confusing for someone and hard to understand from where to start.
My vlog talk about approach and basic commands. In this video I have tried explaining about the approach that one can use while writing their first KQL query. I have talked about the few basic operator that are useful while working on the tasks. Do comment if you have any questions.