Summary and resources
You should have learned how Kusto Query Language (KQL) is the query language used to perform analysis on data to create Analytics, Workbooks, and perform Hunting in Microsoft Sentinel. Understanding how to correlate data from different tables with a KQL statement provides the foundation to build detections in Microsoft Sentinel.
You should now be able to:
Create queries using unions to view results across multiple tables using KQL
Merge two tables with the join operator using KQL
Learn more
You can learn more by reviewing the following.