RE2 in Kusto: The Regular Expression Cheat Sheet

If you work with Kusto (Azure Data Explorer), you’re inevitably going to find yourself needing regular expressions. As someone who writes Kusto queries daily in security operations, I’ve developed a love-hate relationship with RE2 regex in KQL. It’s so powerful, but can be difficult to get your head around. This is my personal cheat sheet that I refer to, and I hope it saves you some time too....

March 2, 2025

Bash Scripting Cheat Sheet: A Practical Guide

I found myself doing the same tasks over and over again at work, and decided it was time to properly learn some bash scripting. Here’s my personal cheat sheet with the commands and patterns I actually use. The Basics: Variables and Output. The building blocks of any script start with variables and displaying information. Nothing fancy, but you’ll use these constantly. Defining a Variable: name="Lewis". Pro tip: Bash is extremely picky about spaces....

February 3, 2025

Kusto Query Hints and Strategies

When you’re working with a large volume of log data, query performance becomes more important. If you’ve ever stared at a loading screen while your Kusto query slowly runs in the background, this post is for you. Alternatively, if you grab a cup of tea while your query is running, you’re probably okay to not bother reading this. However, these are some performance hints I actually use (sometimes), not just theoretical optimisations....

January 27, 2025