msticpy.data.sql_to_kql module

Module for SQL to KQL Conversion.

This is an experiment conversion utility built to support a limited subset of ANSI SQL. It relies on moz_sql_parser (https://github.com/mozilla/moz-sql-parser) to parse the SQL syntax tree. Some hacky additions have been done to allow table renaming and support for a few SparkSQL operators such as RLIKE.

For a more complete translation help with SQL to KQL see https://docs.microsoft.com/en-us/azure/data-explorer/kusto/query/sqlcheatsheet

Known limitations

Does not support aggregate functions in SELECT with no GROUP BY clause
Does not support IN, EXISTS, HAVING operators
Only partial support for AS naming (should work in SELECT expressions)

msticpy.data.sql_to_kql.sql_to_kql(sql: str, target_tables: Optional[Dict[str, str]] = None) → str: Parse SQL and return KQL equivalent.

Read the Docs v: v2.0.0

Versions: latest; stable; v2.3.0; v2.2.0; v2.1.0; v2.0.0; v1.8.0; v1.7.5; v1.7.0; v1.6.1; v1.5.0; v1.4.0; v1.3.0; v1.2.1; v1.1.0; v1.0.0; release-msticpy-v2.0.0

Downloads

On Read the Docs: Project Home; Builds