目录

（一）前言

（二）Azure Data Explorer介绍及应用

1. 什么是Azure Data Explorer？

2. 实战案例

（1）案例背景

（2）进入Azure Data Explorer主页面

 （3）点击Query

（4）输入查询的KQL

（5）导出功能

（一）前言

       Recently, the company will usually store one inAzurein a managed instanceAudit_logThe entire table is migrated toAzure Data Explorer Database来存储.So in this article, I will first summarizeAzure Data Explorer Database的基本概念,Then I will try to illustrate it with a simple example.

（二）Azure Data Explorer介绍及应用

       Companies are generating and storing vast amounts of data every day. This data can be unstructured（例如音频,视频）,半结构化的（例如XML,JSON）或结构化的（例如数字,日期,字符串）. Data professionals are always looking for efficient techniques to process large volumes of disparate data. Although we can certainly use a traditional data warehouse,Hadoop,Sparkand other analytical tools to do this,But before exploring and analyzing the data,This will involveTB级和PBlevel dataETL的常规方法.所以,A platform is desperately needed,The platform will enable users to rapidly leverage and analyze various raw data,And ingest data quickly and get the best performance. Let's solve this situation with an interesting data analysis service.

1. 什么是Azure Data Explorer？

AzureData Browser akaADX,is used for logging,Fast telemetry and streaming data,Highly scalable and fully managed data analytics service. Browse services through this data,You can aggregate,Store and analyze various data. You can query the number in secondsTB的数据,It allows fast ad hoc queries on all kinds of data.

在Azure Data ExplorerThe tools above were formerly known as “代号为Kusto”,使用类似SQLThe query language of ieKusto查询语言（KQL）来分析来自IoT设备,应用程序,Fast-moving data for websites, etc.KQLNot limited to using functions and hundreds of operators such as aggregation,过滤等,It also includes built-in machine learning capabilities,例如聚类,回归等.

ADX使用SSDStore as cache andAzure BlobPersistent storage in storage,Works on the principle of isolation between compute and storage. It is fully managed“平台即服务（PaaS）”,Make users focus only on their data and queries. 为了说明ADX的主要优势之一,The next advantage is highlighted here,即时间序列分析：它
非常方便,And provides a lot of functions to analyze,Identify trends and anomalies.

2. 实战案例

（1）案例背景

Query the user of a key system of the companyAudit_log,and import logs(CSV)

（2）进入Azure Data Explorer主页面

 （3）点击Query

        点击后,See it on the rightKQLThe entered query area,You can edit the query in it

同时,In the middle area, you can view the objects you want to query just like selecting the database and the tables under the database

（4）输入查询的KQL

       如下KQLThe purpose is to pull outAuditLogs表的前10000行

AuditLogs
| take 10000

（5）导出功能

      Right-click in the query results area,See the list of export functions