GrayHat 2020 - Blue Teaming with Kusto Query Language, KQL - Ashwin Patil
Blue Team Village

 Published On Nov 14, 2020

Threat hunting has become an integral part of blue team work. Knowing the tools and techniques for searching across vast amounts of logs to find actionable insights, whether to gather context while investigating an existing incident or to surface a potential anomaly, is an essential skill for any defender. In this presentation we introduce Kusto Query Language (KQL), which has become the de facto hunting language across a variety of Microsoft data sources such as Microsoft Defender for Endpoint, Azure Sentinel and Microsoft Threat Protection. Learning the language and mastering the key skills needed to hunt effectively across these products is hugely beneficial for blue teamers. We will walk through practical threat hunting queries on cloud (Azure, AWS), on-premises (Windows, Linux) and network data sources, using KQL features to hunt effectively and get results faster. Beyond the syntax, we will demonstrate advanced KQL features such as time series analysis and windowing functions, driven from the GUI, to find anomalous behavior. Lastly, we will showcase KQL's programmatic interfaces, such as Jupyter notebooks, for threat hunting at scale: importing multiple KQL queries, executing them and gathering the results in an automated fashion.
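The two advanced KQL features the abstract names, time series analysis and windowing functions, look like this in practice. The queries below are an added illustration written for this page, not queries from the talk or from any Microsoft repository. They assume a Log Analytics / Azure Sentinel workspace with the standard SecurityEvent table (Windows Security events, EventID 4625 = failed logon) and the Azure AD SigninLogs table; the threshold, lookback window and bin size are arbitrary choices for the example.

```kql
// Added example, not from the talk: hunt for hosts whose hourly failed-logon
// count deviates from their own 14-day baseline using make-series and
// series_decompose_anomalies. Lookback, bin size and score threshold are
// assumed values chosen for illustration.
let lookback = 14d;
let bin_size = 1h;
let score_threshold = 3.0;        // anomaly score cut-off (assumed)
let start = startofday(ago(lookback));
let stop  = startofday(now());
SecurityEvent
| where TimeGenerated between (start .. stop)
| where EventID == 4625           // An account failed to log on
// one evenly spaced series per Computer; empty bins are filled with 0
| make-series FailedLogons = count() default = 0
      on TimeGenerated from start to stop step bin_size by Computer
// decompose each series into baseline + seasonality + residual and score
// the residual; -1 = auto-detect seasonality, 'linefit' = linear trend
| extend (anomalies, score, baseline) =
      series_decompose_anomalies(FailedLogons, score_threshold, -1, 'linefit')
// back from one-row-per-series to one-row-per-bin so we can filter
| mv-expand TimeGenerated to typeof(datetime),
            FailedLogons to typeof(long),
            anomalies    to typeof(int),
            score        to typeof(double),
            baseline     to typeof(long)
| where anomalies == 1           // positive spikes only
| project TimeGenerated, Computer, FailedLogons, baseline, score
| order by score desc

// Windowing with prev(): compare each successful Azure AD sign-in with the
// previous sign-in of the same user and flag a change of country inside
// 60 minutes. sort by serializes the rows, which prev() requires.
let max_minutes = 60;             // assumed threshold
SigninLogs
| where TimeGenerated > ago(1d)
| where ResultType == "0"         // success; ResultType is a string column
| project TimeGenerated, UserPrincipalName, Location, IPAddress
| sort by UserPrincipalName asc, TimeGenerated asc
| extend PrevUser     = prev(UserPrincipalName),
         PrevLocation = prev(Location),
         PrevIP       = prev(IPAddress),
         PrevTime     = prev(TimeGenerated)
| where UserPrincipalName == PrevUser        // stay inside one user's window
| where Location != PrevLocation
| extend MinutesBetween = datetime_diff('minute', TimeGenerated, PrevTime)
| where MinutesBetween <= max_minutes
| project TimeGenerated, UserPrincipalName, PrevLocation, Location,
          PrevIP, IPAddress, MinutesBetween
```

Both queries are plain KQL and run unchanged from the Azure Sentinel Logs blade or from a Jupyter notebook; the first is the shape of query that benefits from the GUI's chart rendering (render timechart on the make-series output before the mv-expand), the second is a typical candidate for running on a schedule against many users at once.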
