Repo sync for protected branch

.github/pull_request_template.md

@@ -1,28 +1,20 @@
-# Thank you for contributing to Azure Data Explorer documentation
+# Thank you for contributing to Kusto documentation
 
-## Fill out these items before submitting your pull request:
+Please add a brief comment outlining the purpose of this PR. Add links to any relevant references such as DevOps work items.
 
-If you are working internally at Microsoft:
+## Make sure you've done the following:
 
-- **Provide a link to an Azure DevOps Boards work item that tracks this feature/update.**
+1. **Acrolinx:** Make sure your Acrolinx score is **at least 80** (higher is better) and with **0** spelling issues.
+1. **Successful build**: Review the build status to make sure **all files are green** (Succeeded) and there are no errors, warnings, or suggestions.
+1. **Preview the pages:**: Click each **Preview URL** link, scan the entire page looking for formatting issues, in particular the parts you edited.
+1. **Check the Table of Contents:** If you are adding a new markdown file, make sure it is linked from the table of contents.
+1. **Sign off**: Once the PR is finalized, add a comment with `#sign-off` . If you need to cancel the sign-off, add a comment with `#hold-off`.
 
-- **Who is your Docs team contact?** \@mention them individually tag them and let them review the PR before signing off.
+    **NOTE**: *Signing off means the document can be published at any time.*
 
-## For internal Microsoft contributors, check off these quality control items as you go
+## Next steps
 
-- [ ] 1. **Check the Acrolinx report:** Make sure your Acrolinx Total score is **above 80 minimum** (higher is better) and with no spelling issues. Acrolinx ensures we are providing consistent terminology and using an appropriate voice and tone, and helps with localization.
+- All PRs to this repository are reviewed and merged by a human. Automatic merge is disabled on this repository for PRs, even with the qualifies-for-auto-merge label.
+- Once all feedback on the PR is addressed, the PR will be merged into the main branch.
 
-- [ ] 2. **Successful build with no warnings or suggestions**: Review the build status to make sure **all files are green** (Succeeded).
-
-- [ ] 3. **Preview the pages:**: Click each **Preview URL** link to view the rendered HTML pages on the review.learn.microsoft.com site to check the formatting and alignment of the page. Scan the page for overall formatting, and look at the parts you edited in detail.
-
-- [ ] 4. **Check the Table of Contents:** If you are adding a new markdown file, make sure it is linked from the table of contents.
-
-- [ ] 5. **#sign-off to request PR review and merge**: Once the pull request is finalized and ready to be merged, indicate so by typing `#sign-off` in a new comment in the Pull Request. If you need to cancel that sign-off, type `#hold-off` instead. *Signing off means the document can be published at any time.* Note, this is a formatting and standards review, not a technical review.
-
-## Merge and publish
-
-- After you `#sign-off`, there is a separate PR Review team that will review the PR and describe any necessary feedback before merging. 
-- The review team will use the comments section in the PR to provide feedback if changes are needed. Address any blocking issues and sign off again to request another review.
-- Once all feedback is resolved, you can `#sign-off` again. The PR Review team reviews and merges the pull request into the specified branch (usually the *main( branch or a *release-branch*).
-- From the *main* branch, the change is merged into the *live* branch several times a day to publish it to the public learn.microsoft.com site.
+[Learn more about how to contribute](https://review.learn.microsoft.com/en-us/help/platform/?branch=main).

data-explorer/kusto/includes/help-cluster-note.md

@@ -0,0 +1,11 @@
+---
+ms.topic: include
+ms.date: 01/22/2025
+---
+
+:::moniker range="azure-data-explorer"
+> The examples in this article use publicly available tables in the [help cluster](https://dataexplorer.azure.com/clusters/help/), such as the `StormEvents` table in the *Samples* database.
+::: moniker-end
+:::moniker range="microsoft-fabric"
+> The examples in this article use publicly available tables, such as the `StormEvents` table in the Weather analytics [sample data](/fabric/real-time-intelligence/sample-gallery).
+::: moniker-end

data-explorer/kusto/query/alias-statement.md

@@ -3,55 +3,46 @@ title:  Alias statement
 description: Learn how to use an alias statement to define an alias for a database that is used for a query.
 ms.reviewer: alexans
 ms.topic: reference
-ms.date: 01/12/2025
+ms.date: 01/21/2025
 ---
 # Alias statement
 
 > [!INCLUDE [applies](../includes/applies-to-version/applies.md)] [!INCLUDE [fabric](../includes/applies-to-version/fabric.md)] [!INCLUDE [azure-data-explorer](../includes/applies-to-version/azure-data-explorer.md)] [!INCLUDE [monitor](../includes/applies-to-version/monitor.md)] [!INCLUDE [sentinel](../includes/applies-to-version/sentinel.md)]
 
 Alias statements allow you to define an alias for a database, which can be used in the same query.
 
-:::moniker range="azure-data-explorer"
-This is useful when you're working with several clusters but want to appear as if you're working on fewer clusters.
-The alias must be defined according to the following syntax, where *clustername* and *databasename* are existing and valid entities.
-
-
-## Syntax
-
-`alias` database *DatabaseAliasName* `=` cluster("https://*clustername*.kusto.windows.net").database("*DatabaseName*")
-::: moniker-end
-
-:::moniker range="microsoft-fabric"
-This is useful when you're working with several Eventhouses but want to appear as if you're working on fewer Eventhouses.
-The alias must be defined according to the following syntax, where *Eventhouse* and *databasename* are existing and valid entities.
+The `alias` statement is useful as a shorthand name for a database so it can be referenced using that alias in the same query.
 
 ## Syntax
 
-`alias` database *DatabaseAliasName* `=` cluster("*serviceURL*").database("*DatabaseName*")
-::: moniker-end
+`alias` database *DatabaseAliasName* `=` cluster("QueryURI").database("*DatabaseName*")
 
 [!INCLUDE [syntax-conventions-note](../includes/syntax-conventions-note.md)]
 
 ## Parameters
 
-|Name|Type|Required|Description|
+| Name | Type | Required | Description |
 |--|--|--|--|
-|*DatabaseAliasName*| `string` | :heavy_check_mark:|An existing name or new database alias name. You can escape the name with brackets. For example, ["Name with spaces"]. |
-|*DatabaseName*| `string` | :heavy_check_mark:|The name of the database to give an alias.|
+| *DatabaseAliasName* | `string` | :heavy_check_mark: | An existing name or new database alias name. You can escape the name with brackets. For example, ["Name with spaces"]. |
+| *QueryURI* | `string` | :heavy_check_mark: | The URI that can be used to run queries or management commands. |
+| *DatabaseName* | `string` | :heavy_check_mark: | The name of the database to give an alias. |
 
 :::moniker range="azure-data-explorer"
 > [!NOTE]
-> The mapped cluster-uri and the mapped database-name must appear inside double-quotes(") or single-quotes(').
+>
+> - To get your Query URI, in the Azure portal, go to your cluster's overview page, and then copy the URI.
+> - The mapped Query and the mapped database-name must appear inside double-quotes(") or single-quotes(').
 ::: moniker-end
-
 :::moniker range="microsoft-fabric"
 > [!NOTE]
-> The mapped Eventhouse-uri and the mapped database-name must appear inside double-quotes(") or single-quotes(').
+>
+> - To get your Query URI, see [Copy a KQL database URI](/fabric/real-time-intelligence/access-database-copy-uri#copy-uri).
+> - The mapped Query and the mapped database-name must appear inside double-quotes(") or single-quotes(').
 ::: moniker-end
 
 ## Examples
 
-[!INCLUDE [help-cluster](../includes/help-cluster-samples-stormevents.md)]
+[!INCLUDE [help-cluster](../includes/help-cluster-note.md)]
 
 First, count the number of records in that table.
 

data-explorer/kusto/query/as-operator.md

@@ -3,13 +3,13 @@ title:  as operator
 description: Learn how to use the as operator to bind a name to the operator's input tabular expression.
 ms.reviewer: alexans
 ms.topic: reference
-ms.date: 08/11/2024
+ms.date: 01/27/2025
 ---
 # as operator
 
 > [!INCLUDE [applies](../includes/applies-to-version/applies.md)] [!INCLUDE [fabric](../includes/applies-to-version/fabric.md)] [!INCLUDE [azure-data-explorer](../includes/applies-to-version/azure-data-explorer.md)] [!INCLUDE [monitor](../includes/applies-to-version/monitor.md)] [!INCLUDE [sentinel](../includes/applies-to-version/sentinel.md)]
 
-Binds a name to the operator's input tabular expression. This allows the query to reference the value of the tabular expression multiple times without breaking the query and binding a name through the [let statement](let-statement.md).
+Binds a name to the operator's input tabular expression. This operator allows the query to reference the value of the tabular expression multiple times without breaking the query and binding a name through the [let statement](let-statement.md).
 
 To optimize multiple uses of the `as` operator within a single query, see [Named expressions](named-expressions.md).
 
@@ -25,42 +25,57 @@ To optimize multiple uses of the `as` operator within a single query, see [Named
 |--|--|--|--|
 |*T*| `string` |  :heavy_check_mark: | The tabular expression to rename.|
 | *Name*| `string` |  :heavy_check_mark: | The temporary name for the tabular expression.|
-| *`hint.materialized`*| `bool` |  | If *Materialized* is set to `true`, the value of the tabular expression will be as if it was wrapped by a [materialize()](materialize-function.md) function call. Otherwise, the value will be recalculated on every reference.|
+| *`hint.materialized`*| `bool` |  | If *Materialized* is set to `true`, the value of the tabular expression output is wrapped by a [materialize()](materialize-function.md) function call. Otherwise, the value is recalculated on every reference.|
 
 > [!NOTE]
 >
-> * The name given by `as` will be used in the `withsource=` column of [union](union-operator.md), the `source_` column of [find](find-operator.md), and the `$table` column of [search](search-operator.md).
+> * The name given by `as` is used in the `withsource=` column of [union](union-operator.md), the `source_` column of [find](find-operator.md), and the `$table` column of [search](search-operator.md).
 > * The tabular expression named using the operator in a [join](join-operator.md)'s outer tabular input (`$left`) can also be used in the join's tabular inner input (`$right`).
 
 ## Examples
 
-In the following two examples the union's generated TableName column will consist of 'T1' and 'T2'.
+In the following two examples, the generated TableName column consists of 'T1' and 'T2'.
 
 :::moniker range="azure-data-explorer"
 > [!div class="nextstepaction"]
-> <a href="https://dataexplorer.azure.com/?query=H4sIAAAAAAAAAytKzEtPVahQSCvKz1UwVCjJVzA0UCguSS0AcrhqFBKLFULAjNK8zPw8hfLMkozi/NKi5FTbkMSknFS/xNxUBY0iPGZAjDDSBAAgKK6faAAAAA==" target="_blank">Run the query</a>
+> <a href="https://dataexplorer.azure.com/clusters/help/databases/Samples?query=H4sIAAAAAAAAAytKzEtPVahQSCvKz1UwVCjJVzBVKC5JLQCyuWoUEosVQsCM0rzM%2FDyF8sySjOL80qLkVNuQxKScVL%2FE3FQFjSLcRkBMMNIEALyiibJmAAAA" target="_blank">Run the query</a>
 ::: moniker-end
 
 ```kusto
-range x from 1 to 10 step 1 
+range x from 1 to 5 step 1 
 | as T1 
-| union withsource=TableName (range x from 1 to 10 step 1 | as T2)
+| union withsource=TableName (range x from 1 to 5 step 1 | as T2)
 ```
 
 Alternatively, you can write the same example as follows:
 
 :::moniker range="azure-data-explorer"
 > [!div class="nextstepaction"]
-> <a href="https://dataexplorer.azure.com/?query=H4sIAAAAAAAAAyvNy8zPUyjPLMkozi8tSk61DUlMykn1S8xNVdAoSsxLT1WoUEgrys9VMFQoyVcwNFAoLkktAHJqFBKLFUIMNXWIUWakCQB5tG07ZwAAAA==" target="_blank">Run the query</a>
+> <a href="https://dataexplorer.azure.com/clusters/help/databases/Samples?query=H4sIAAAAAAAAAyvNy8zPUyjPLMkozi8tSk61DUlMykn1S8xNVdAoSsxLT1WoUEgrys9VMFQoyVcwVSguSS0AsmsUEosVQgw1dYhQZaQJAJuYIo9lAAAA" target="_blank">Run the query</a>
 ::: moniker-end
 
 ```kusto
-union withsource=TableName (range x from 1 to 10 step 1 | as T1), (range x from 1 to 10 step 1 | as T2)
+union withsource=TableName (range x from 1 to 5 step 1 | as T1), (range x from 1 to 5 step 1 | as T2)
 ```
 
-In the following example, the 'left side' of the join will be:
+**Output**
+
+| TableName| x |
+|--|---|
+| T1 | 1 |
+| T1 | 2 |
+| T1 | 3 |
+| T1 | 4 |
+| T1 | 5 |
+| T2 | 1 |
+| T2 | 2 |
+| T2 | 3 |
+| T2 | 4 |
+| T2 | 5 |
+
+In the following example, the 'left side' of the join is:
 `MyLogTable` filtered by `type == "Event"` and `Name == "Start"`
-and the 'right side' of the join will be:
+and the 'right side' of the join is:
 `MyLogTable` filtered by `type == "Event"` and `Name == "Stop"`
 
 ```kusto

data-explorer/kusto/query/batches.md

@@ -3,7 +3,7 @@ title:  Batches
 description:  This article describes Batches.
 ms.reviewer: alexans
 ms.topic: reference
-ms.date: 01/13/2025
+ms.date: 01/27/2025
 ---
 # Batches
 
@@ -18,7 +18,9 @@ A query can include multiple tabular expression statements, as long as they're d
 
 ## Examples
 
-[!INCLUDE [help-cluster](../includes/help-cluster-samples-stormevents.md)]
+[!INCLUDE [help-cluster](../includes/help-cluster-note.md)]
+
+The following examples show how to create multiple tables simultaneously.
 
 ### Name tabular results
 

data-explorer/kusto/query/count-operator.md

@@ -3,14 +3,12 @@ title:  count operator
 description: Learn how to use the count operator to return the number of records in the input record set.
 ms.reviewer: alexans
 ms.topic: reference
-ms.date: 08/11/2024
-monikerRange: "microsoft-fabric || azure-data-explorer || azure-monitor || microsoft-sentinel "
+ms.date: 01/15/2025
 ---
 # count operator
 
 > [!INCLUDE [applies](../includes/applies-to-version/applies.md)] [!INCLUDE [fabric](../includes/applies-to-version/fabric.md)] [!INCLUDE [azure-data-explorer](../includes/applies-to-version/azure-data-explorer.md)] [!INCLUDE [monitor](../includes/applies-to-version/monitor.md)] [!INCLUDE [sentinel](../includes/applies-to-version/sentinel.md)] 
 
-
 Returns the number of records in the input record set.
 
 ## Syntax
@@ -32,6 +30,10 @@ This function returns a table with a single record and column of type
 
 ## Example
 
+[!INCLUDE [help-cluster](../includes/help-cluster-note.md)]
+
+When you use the count operator with a table name, like StormEvents, it will return the total number of records in that table.
+
 :::moniker range="azure-data-explorer"
 > [!div class="nextstepaction"]
 > <a href="https://dataexplorer.azure.com/clusters/help/databases/Samples?query=H4sIAAAAAAAAAwsuyS/KdS1LzSspVqhRSM4vzSsBALU2eHsTAAAA" target="_blank">Run the query</a>
@@ -41,6 +43,12 @@ This function returns a table with a single record and column of type
 StormEvents | count
 ```
 
+**Output**
+
+| Count |
+|-------|
+| 59066 |
+
 ## Related content
 
 For information about the count() aggregation function, see [count() (aggregation function)](count-aggregation-function.md).

data-explorer/kusto/query/datatable-operator.md

@@ -3,7 +3,7 @@ title:  datatable operator
 description: Learn how to use the datatable operator to define a table with given schema and data.
 ms.reviewer: alexans
 ms.topic: reference
-ms.date: 01/07/2025
+ms.date: 01/21/2025
 ---
 # datatable operator
 
@@ -37,6 +37,8 @@ This operator returns a data table of the given schema and data.
 
 ## Example
 
+This example creates a table with *Date*, *Event*, and *MoreData* columns, filters rows with Event descriptions longer than 4 characters, and adds a new column *key2* to each row from the MoreData dynamic object.
+
 :::moniker range="azure-data-explorer"
 > [!div class="nextstepaction"]
 > <a href="https://dataexplorer.azure.com/clusters/help/databases/Samples?query=H4sIAAAAAAAAA3XRS4vCMBAA4Lu/YsiphbiY1upa0IPYo8velz2kZtRgTCCNL1z/uxNZd6HYJAQyj++QUTLQrg0mCxmwVHQFvUcO1RFtKJvgtd1wWDqPVCBLdbFyr1cpfPWA1rM+ERMx6A9GfSFSDmzuvGUcfouTK9vhRbCSHaU5oKBMDGTPQMZuKW9zOXGCTuQqG9A3UK2cQfiQ1ISdet7Wh6/0Iv/XPw+10c0WFay1bwLUzu06+aLNj17xk3H8i6yI/EKj6uTGbe79wX33fuC0RY9AAzBok8c0UpjBkDJ4DmgVxDaY/o3mLb7vp72pd88BAAA=" target="_blank">Run the query</a>
@@ -55,7 +57,7 @@ datatable(Date:datetime, Event:string, MoreData:dynamic) [
 
 **Output**
 
-|Date|Event|MoreData|key2|
-|---|---|---|---|
-|1930-01-01 00:00:00.0000000|Enters Ecole Navale|{<br>  "key1": "value3",<br>  "key2": "value4"<br>}|value4|
-|1953-01-01 00:00:00.0000000|Published first book|{<br>  "key1": "value5",<br>  "key2": "value6"<br>}|value6|
+| Date | Event | MoreData | key2 |
+|--|--|--|--|
+| 1930-01-01 00:00:00.0000000 | Enters Ecole Navale | {<br>  "key1": "value3",<br>  "key2": "value4"<br>} | value4 |
+| 1953-01-01 00:00:00.0000000 | Published first book | {<br>  "key1": "value5",<br>  "key2": "value6"<br>} | value6 |

data-explorer/kusto/query/externaldata-operator.md

@@ -3,8 +3,7 @@ title:  externaldata operator
 description: Learn how to use the externaldata operator to return a data table of the given schema whose data was parsed from the specified storage artifact.
 ms.reviewer: alexans
 ms.topic: reference
-ms.date: 08/11/2024
-monikerRange: "microsoft-fabric || azure-data-explorer || azure-monitor || microsoft-sentinel"
+ms.date: 01/27/2025
 ---
 # externaldata operator
 
@@ -13,14 +12,10 @@ monikerRange: "microsoft-fabric || azure-data-explorer || azure-monitor || micro
 The `externaldata` operator returns a table whose schema is defined in the query itself, and whose data is read from an external storage artifact, such as a blob in Azure Blob Storage or a file in Azure Data Lake Storage.
 
 > [!NOTE]
-> The `externaldata` operator supports a specific set of storage services, as listed under [Storage connection strings](../api/connection-strings/storage-connection-strings.md).
-
-> [!NOTE]
-> The `externaldata` operator supports Shared Access Signature (SAS) key, Access key, and Microsoft Entra Token authentication methods. For more information, see [Storage authentication methods](../api/connection-strings/storage-connection-strings.md).
-
-::: moniker range="microsoft-fabric  || azure-data-explorer"
-
-::: moniker-end
+> The `externaldata` operator supports:
+>
+> * a specific set of storage services, as listed under [Storage connection strings](../api/connection-strings/storage-connection-strings.md).
+> * shared Access Signature (SAS) key, Access key, and Microsoft Entra Token authentication methods. For more information, see [Storage authentication methods](../api/connection-strings/storage-connection-strings.md#storage-authentication-methods).
 
 ::: moniker range="azure-monitor || microsoft-sentinel"
 
@@ -48,9 +43,9 @@ The `externaldata` operator returns a table whose schema is defined in the query
 
 ### Supported properties
 
-| Property         | Type     | Description       |
-|------------------|----------|-------------------|
-| format         | `string` | The data format. If unspecified, an attempt is made to detect the data format from file extension. The default is `CSV`. All [ingestion data formats](../ingestion-supported-formats.md) are supported. |
+| Property | Type | Description |
+|--|--|--|
+| format | `string` | The data format. If unspecified, an attempt is made to detect the data format from file extension. The default is `CSV`. All [ingestion data formats](../ingestion-supported-formats.md) are supported. |
 | ignoreFirstRecord | `bool` | If set to `true`, the first record in every file is ignored. This property is useful when querying CSV files with headers. |
 | ingestionMapping | `string` | Indicates how to map data from the source file to the actual columns in the operator result set. See [data mappings](../management/mappings.md). |
 
@@ -66,6 +61,8 @@ The `externaldata` operator returns a data table of the given schema whose data
 
 ## Examples
 
+The examples query data in an external storage file.
+
 ### Fetch a list of user IDs stored in Azure Blob Storage
 
 The following example shows how to find all records in a table whose `UserID` column falls into a known set of IDs, held (one per line) in an external storage file. Since the data format isn't specified, the detected data format is `TXT`.
@@ -134,4 +131,6 @@ with(format='multijson', ingestionMapping='[{"Column":"Timestamp","Properties":{
 
 The `MultiJSON` format is used here because single JSON records are spanned into multiple lines.
 
+## Related content
+
 For more info on mapping syntax, see [data mappings](../management/mappings.md).