Forum Discussion
Solved
Kusto Explorer - So Many Tables!
Hey there! I was looking for a way to manage KQL queries and keep a running tally of the queries I've done so I can step back through the history and figure out how I got where I am. I was hoping...
- There's no automated way to connect KQL or any kind of Sentinel content back to GitHub. The best practice would be to manually copy KQL and paste them using the GitHub desktop + Sublime text or vs code. Otherwise, all efforts will be lost.
Most likely there is something that is feeding your ADX environment or those are tables that ADX creates itself. You could look at the Sentinel Repository feature to store your queries (although it may take a little work as it doesn't with directly with log queries).
- I actually don't have any ADX, just Sentinel. That's part of what has me confused.
- There are some tables that are not exposed via the Sentinel UI since they have no useful information.
GBusheyI never knew that these were all hiding back there - >450 tables, most of them empty. It's not a big deal as I know which tables I'm working with. I wish there were a way to eliminate the empty tables from the view.
Also, haven't found a way to attach the work I'm doing to Git which was my original reason for using Kusto Explorer.
