Trying to write a KQL query where results should come when the table column Rawdata either contains any of the strings - job1 or job2 :-
Tablename
| where RawData contains "JOB1" OR "JOB2"
The above gives me errror, what is the right way to do it
The right way to do it:
Tablename
| where RawData contains "JOB1" or RawData contains "JOB2"
If "JOB1" and "JOB2" is a term then you can use the operator has_any
Tablename
| where RawData has_any ("JOB1", "JOB2")