I've been learning CrowdStrike's LogScale platform recently. To help myself learn the CrowdStrike Query Language (CQL), I figured I'd do some analysis of game data I had collected a while ago. The goal was to help me learn and then create this post to perhaps help others who might be learning CQL as well.
To that end, this post is a more written version of the live and somewhat interactive LogScale dashboard located here.
I'm providing the data itself at the bottom of this post if you want to monkey around with it.
It isn't uncommon for users of tools like LogScale to not know where to start from a query perspective. Something unique with LogScale is being able to easily share dashboards outside of the tool itself. This is a pretty cool capability! The other place where I see individuals somewhat struggle is how to create a dashboard, not so much mechanically as in how to lay out data.