How to use Search Operator in Kusto to find Records for specific Keywords | Kusto Tutorial (KQL)

Topic: How to use Search Operator in Kusto to find Records for specific Keywords


How to use Search Operator in Kusto to find Records for specific Keywords | Kusto Query Language Tutorial (KQL) Kusto Query Language is a powerful tool to explore your data and discover patterns, identify anomalies and outliers, create statistical modeling, and more. The query uses schema entities that are organized in a hierarchy similar to SQL's: databases, tables, and columns. A Kusto query is a read-only request to process data and return results. The request is stated in plain text, using a data-flow model that is easy to read, author, and automate. Kusto queries are made of one or more query statements.

 // Using Search operator  
 .create table TotalSaleAsia (  
   id: int   
   ,SalePersonFName: string  
   ,SalePersonLName : string  
   ,ProductName : string  
   ,ItemsSold : int  
   ,SoldPrice :real  
   ,SoldDate: date  
   ,City : string  
   ,State : string  
   ,Country : string  
   ,Region : string  
   )  
        
      //Insert data  
       .ingest inline into table TotalSaleAsia <|  
 11,Tamara,Tony,Cell Phone,2,1200,2015-03-03,Frankfurt,Hesse,Germany,Europe  
 9,Petra,Henry,TV,10,5000,2015-04-08,Paris,Île-de-France,France,Europe  
 3,Christy,Ladson,TV,3,1600,2015-04-02,High Point,NC,USA,North America  
 7,Chirag,Patel,Cell Phone,5,1500,2015-06-23,AhmadAbad,Gujrat,India,Asia  
 2,M,Raza,Cell Phone,2,800,2015-07-15,Charlotte,NC,USA,North America  
 5,Najaf,Ali,Computer,1,300,2015-06-20,Karachi,Sindh,Pakistan,Asia  
 6,Sukhjeet,Singh,TV,2,900,2015-06-21,ChandiGar,Punjab,India,Asia  
 4,John,Rivers,Laptop,5,2400,2014-03-09,Jersey City,NJ,USA,North America  
 8,Aleena,Aman,Laptop,2,800,2015-05-25,Lahore,Punjab,Pakistan,Asia  
 10,Rita,Roger,Laptop,7,2100,2015-04-11,Paris,Île-de-France,France,Europe  
 1,Aamir,Shahzad,TV,1,700,2015-07-15,Charlotte,NC,USA,North America  
 12,aamir,Shahzad,TV,1,7000,2015-07-15,Charlotte,NC,USA,North America  
 10,Rita,Roger,Laptop,7,2100,2015-04-11,Paris,Île-de-France,France,Europe  
 14,aamir,Shahzad,TV,1,7000,2015-07-15,Charlotte,NC,USA,South America  
 17,Chirag,Patel,Charger Cell Phone,5,1500,2015-06-23,AhmadAbad,Gujrat,India,Asia  
   
 //How to use Search in Kusto  
 // Search for a term in entire Database  
 search "aamir"  
   
 // Search in entire Table  
 TotalSale  
 | search "aamir"  
   
 // Searching by keeping case senstive in mind  
 TotalSale  
 | search kind=case_sensitive "aamir"  
   
 //Search in Multiple Tables in all columns for value   
 search in (TotalSaleAsia,TotalSale) "aamir"  
   
 //Search for value in column has the value  
 TotalSale  
 | search Region:"South"  
   
 //Search for wild characters by using * , works like has hasprefix or hassuffix  
 TotalSale  
 | search "*ce"  
   
 TotalSale  
 | search "aa*"  
   
   
 // Use search to find values which contain  
 TotalSale  
 | search "*to*"  
   
 //Search regex -   
 TotalSale  
 | search "P*b"   
   
   
 //Search in a column  
 TotalSale  
 | search SalePersonFName matches regex "ir"  
   
 //Search multiple criteria  
 TotalSale  
 | search "Asia" and ("Lahore" or "Karachi")  
   
 TotalSale  
 | search "Asia" or ("Lahore" and "Karachi")  
   
 TotalSale  
 | search "Asia" and (ItemsSold>1 and id<7)  

Video Demo: How to use Search Operator in Kusto to find Records for specific Keywords


3 comments:

  1. SYNACK TECH IS FAST AND EFFECIENT
    You really need to be careful of the risk involved in the world of cryptocurrency and investments. I was naive enough to believe I could make huge returns from my cryptocurrency investments without doing proper research about it. I lost $543,000 worth of USDT and BTC in a failed cryptocurrency investment scheme. Luckily for me, I was able to reach out to a reputable cryptocurrency recovery company that goes by the name Synack Tech and was able to successfully recover all the money I had invested into the scheme. {{{s y n a c k h a c k @ t e c h | - | c e n t e r | d o t | c o m }}} I’m forever grateful to the services of Synack Tech and this message is a recommendation to everyone who intends to recover lost digital assets of any kind. Not only are they fast but also reliable and they update you on the progress accordingly.

    ReplyDelete
  2. RESTORE MY WALLET WITH SYNACK TECH
    For recovering my stolen 4.3 Bitcoin in just a few hours, I can't quit praising you. I lost my BTC in a scam involving bitcoin investments, but SYNACK TECH miraculously returned my funds to my wallet in just a few hours. synackhack @ tech {-} center {.} com. Such great assistance is something I think we all need.

    ReplyDelete
  3. HARNESS THE EFFECIENCY OF CRYPTO RECOVERY-SYNACK TECH
    I came across SYNACK TECH which is an exceptional and highly reputable private licensed investigation firm based in the states that i had the privilege of engaging with after my company suffered a loss of $950,000 worth of btc due to a mistaken transfer to an unknown account by our financial accountant. Despite our desperate attempts to recover the funds through traditional channels and various recovery firms, we were met with disappointment and further financial losses. However, our fortunes changed when we discovered SYNACK TECH. Upon contacting them, their team of skilled professionals' swiftly and effectively managed to recover $830,300 of our lost funds, bringing immense relief and peace to our company. Their dedication and expertise were truly impressive, and their ability to successfully recover such a significant portion of the lost funds is a testament to their exceptional capabilities in the realm of cryptocurrency recovery. I wholeheartedly recommend SYNACK TECH for any hacking services and crypto recovery needs as their outstanding performance has not only mitigated the financial impact on our company but also restored faith in the possibility of recovering lost assets in the complex world of cryptocurrency. This experience has highlighted the invaluable importance of seeking out a reputable and skilled professionals like SYNACK TECH when faced with similar challenges, as their proficiency and commitment to their clients' success are truly unique and unmatched. With their extensive knowledge and unwavering dedication, SYNACK TECH has proven to be an invaluable asset in navigating the complexities of cryptocurrency recovery, providing hope and a lifeline for those who have experienced significant financial losses in the digital asset space. Their swift and effective actions have not only mitigated the devastating impact of our financial loss but have also restored our confidence in the possibility of recovering lost assets in the intricate world of cryptocurrency. I cannot overstate the level of gratitude and admiration we hold for SYNACK TECH, as they have not only demonstrated unmatched expertise but have also exhibited a deep commitment to their clients’ success. If you in a similar predicament reach out to SYNACKHACK {@} TECH {-} CENTER {DOT} COM

    ReplyDelete