数据导出Data export

数据导出是运行 Kusto 查询并写入其结果的过程。Data export is the process that runs a Kusto query and writes its results. 稍后检查时可使用这些查询结果。The query results are available for later inspection.

可以通过多种方法进行数据导出:There are several methods for data export:

客户端导出Client-side export

最简单的形式就是可在客户端上执行数据导出。In its simplest form, data export can be done on the client side. 客户端会针对服务运行一个查询,读取结果,然后将结果写入。The client runs a query against the service, reads back the results, and then writes them. 这种形式的数据导出依赖客户端工具进行导出,常见于运行该工具的本地文件系统。This form of data export depends on the client tool to do the export, usually to the local filesystem where the tool runs. 支持此模型的工具有 Kusto.ExplorerWeb UIAmong tools that support this model are Kusto.Explorer and Web UI.

服务端导出(拉取)Service-side export (pull)

如果导出目标是一张表,且此表与查询位于相同或不同的群集/数据库中,则请在目标表上使用“从查询引入”。If the target of the export is a table in the same or different cluster/database as the query, use "ingest from query" on the target table. 在该流中,会运行一个查询,其结果立即引入到表中。In this flow, a query is run and its results are immediately ingested into a table. 有关详细信息,请参阅从查询引入For more information, see ingest from query.

服务端导出(推送)Service-side export (push)

上面的客户端导出服务端导出(拉取)存在局限。The above methods, Client-side export, and Service-side export (pull), are limited. 查询结果必须在执行查询的创建者和写入查询结果的使用者之间通过单个网络连接流式处理。The query results must stream through a single network connection between the producer doing the query, and the consumer who writes its results. 对于可缩放的数据导出,请使用“推送”导出模型,让运行查询的服务也以优化方式写入其结果。For scalable data export, use the "push" export model in which the service running the query also writes its results in an optimized manner. 此模型通过一组 .export 控制命令公开,它支持将查询结果导出到外部表SQL 表外部 Blob 存储This model is exposed through a set of .export control commands, that support exporting query results to an external table, a SQL table, or an external Blob storage.

服务端导出命令受到群集的可用数据导出容量的限制。Service side export commands are limited by the cluster's available data export capacity. 可运行 show capacity 命令来查看群集的总的、已使用的和剩余的数据导出容量。You can run show capacity command to view the cluster's total, consumed, and remaining data export capacity.

使用数据导出命令时的机密管理建议Recommendations for secret management when using data export commands

理想情况下,将数据导出到远程目标,例如 Azure Blob 存储和 Azure SQL 数据库。Ideally, export data to a remote target, such as Azure Blob Storage and Azure SQL Database. 隐式使用执行数据导出命令的安全主体的凭据。Implicitly use the credentials of the security principal that executes the data export command. 该方法不适用于某些情况。This method isn't possible in some scenarios. 例如,Azure Blob 存储不支持安全主体的概念,只允许使用其自己的令牌。For example, Azure Blob Storage doesn't support the notion of a security principal, only its own tokens. 此功能支持在数据导出控制命令中以内联方式引入必需的凭据。This feature supports introducing the necessary credentials inline, as part of the data export control command.

若要以安全方式导出:To do the export in a secure manner:

  • 请在发送机密时使用经过模糊处理的字符串文本(例如 h@"...")。Use obfuscated string literals, such as h@"...", when sending secrets. 这将清理机密,使它们不在内部发出的任何跟踪中显示。The secrets will be scrubbed so that they don't appear in any trace emitted internally.

  • 请安全地存储密码和类似的机密,并根据需要使用应用程序进行“拉取”。Store passwords and similar secrets securely and "pull" using the application, as needed.