CtrlK
BlogDocsLog inGet started
Tessl Logo

azure-kusto

**ANALYSIS SKILL** — Query and analyze data in Azure Data Explorer (Kusto/ADX) using KQL. WHEN: "KQL queries", "Kusto database queries", "Azure Data Explorer", "ADX clusters", "time series data", "IoT telemetry", "anomaly detection". DO NOT USE FOR: App Insights / Log Analytics troubleshooting (azure-diagnostics), cost analysis (azure-cost-optimization).

68

Quality

81%

Does it follow best practices?

Impact

No eval scenarios have been run

SecuritybySnyk

Passed

No known issues

SKILL.md
Quality
Evals
Security

Azure Data Explorer (Kusto) Query & Analytics

Execute KQL queries against Azure Data Explorer for fast, scalable big-data analytics on log, telemetry, and time-series data.

Prerequisites

  • Azure CLI authenticated (az login) with a subscription containing Kusto resources
  • RBAC: AllDatabasesViewer on the cluster, or Database Viewer per database
  • Azure MCP server configured in .vscode/mcp.json for the mcp_azure-mcp_kusto namespace; CLI fallback in references/fallback-strategy.md

Steps

  1. Discover resources — list clusters and databases in the subscription
  2. Explore schemakusto_table_schema_get for table structure
  3. Query datakusto_query with a KQL expression
  4. Analyse results — aggregate, visualise, export

Query Patterns Quick Reference

PatternUse For
Basic Data RetrievalQuick inspection, recent events
Aggregation AnalysisCounting, distribution, top-N
Time Series AnalyticsPerformance monitoring, trends
Join and CorrelationRoot-cause analysis, event tracing
Schema DiscoveryData model exploration

For full KQL syntax, examples, best practices, and performance tips, read references/query-patterns.md.

Rules

  • Always include a time-range filter (where Timestamp > ago(...)) on time-series tables
  • Use take/limit for exploratory queries
  • Filter early (where before join / summarize)
  • Use summarize for aggregations; bin() for time bucketing
  • Use project to select only needed columns

MCP Tools

ToolPurpose
kusto_cluster_listList Kusto clusters in a subscription
kusto_database_listList databases in a cluster
kusto_queryExecute KQL against a database
kusto_table_schema_getRetrieve table schema

Required parameters: subscription, cluster, database, query (or table). Optional: resource-group, tenant.

For CLI fallback (timeouts, auth failures), read references/fallback-strategy.md.

Reference Index

ReferenceWhen to Load
references/query-patterns.mdKQL patterns, examples, best practices, common functions
references/fallback-strategy.mdCLI commands and REST API fallback when MCP tools fail
Repository
jonathan-vella/azure-agentic-infraops
Commit

05d7617

Last updated
Created

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.

Claim skill