azure-log-analytics, kql, azure-sentinel

Surrounding Events in KQL or Matching on Multiple Conditions


Coming from an ELK background, Kibana had some nice functionality where you could view the surrounding events of any record you wished (https://www.elastic.co/guide/en/kibana/current/discover-document-context.html), i.e. view the 5 preceding and 5 following events.

Does something like this exist in the Kusto Query Language?

Edit: I should also mention the requirement for this as I realise it might exist, but within a different form.

I'm looking to find several events that need to have all occurred during a specific time period, i.e. the previous 5 minutes.

Example: if EventIDs 1, 2 and 3 show, I'm not interested. However, if 1, 2, 3 and 4 show (within X minutes of each other) then I would like my query to pick this up.

Any hints or tips are appreciated.


Solution

  • It seems that Time Window Join is what I needed - https://learn.microsoft.com/en-us/azure/data-explorer/kusto/query/join-timewindow
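A worked version of the time-window join for the "1, 2, 3 and 4 within X minutes" requirement, added here as an illustration rather than taken from the question, the answer or the linked documentation. The `Events` table, its `Computer`/`EventID` columns and the sample rows are constructed inline so the query runs as-is in a Log Analytics or Azure Data Explorer query window; in practice you would replace the `datatable` with your real table (for example `SecurityEvent`) and pick the correlation key (`Computer` here) that makes sense for your data. The pattern follows the documented technique: anchor on the last event in the sequence (EventID 4), expand each anchor into the time buckets that cover its lookback window, join the earlier events on key + bucket, and then apply the exact time filter, because the bucket match alone is only an approximation.

```kql
// Added example (not from the original post). Sample data is constructed.
let lookback = 5m;            // all four EventIDs must fall inside this window
let binSize = lookback;       // bucket size for the join key; must be <= lookback
let Events = datatable(TimeGenerated: datetime, Computer: string, EventID: int)
[
    datetime(2024-01-01 10:00:00), "host1", 1,
    datetime(2024-01-01 10:01:00), "host1", 2,
    datetime(2024-01-01 10:02:00), "host1", 3,
    datetime(2024-01-01 10:04:00), "host1", 4,   // 1,2,3,4 within 5 min -> should match
    datetime(2024-01-01 11:00:00), "host2", 1,
    datetime(2024-01-01 11:01:00), "host2", 2,
    datetime(2024-01-01 11:02:00), "host2", 3,   // no EventID 4 -> no match
    datetime(2024-01-01 12:00:00), "host3", 1,
    datetime(2024-01-01 12:30:00), "host3", 4    // 1 is 30 min earlier and 2,3 missing -> no match
];
// Anchor on the trigger event (EventID 4). Each trigger is expanded into every
// time bucket that overlaps [TriggerTime - lookback, TriggerTime], so that a
// plain equi-join on (Computer, TimeKey) can find candidate earlier events.
let Triggers = Events
    | where EventID == 4
    | project Computer, TriggerTime = TimeGenerated
    | extend TimeKey = range(bin(TriggerTime - lookback, binSize), bin(TriggerTime, binSize), binSize)
    | mv-expand TimeKey to typeof(datetime);
Events
| where EventID in (1, 2, 3)
| extend TimeKey = bin(TimeGenerated, binSize)
| join kind=inner Triggers on Computer, TimeKey
// Bucket equality is coarse; enforce the real window before deciding.
| where TimeGenerated between ((TriggerTime - lookback) .. TriggerTime)
| summarize SeenIDs = make_set(EventID) by Computer, TriggerTime
// Only keep triggers that had all three predecessors in the window.
| where array_length(SeenIDs) == 3
| project Computer, TriggerTime, SeenIDs
```

With the sample rows this returns a single row for `host1` at 10:04 with `SeenIDs = [1, 2, 3]`. Two things to watch when adapting it: keep `binSize` no larger than `lookback` (the docs use `lookback / 2` to reduce the number of expanded keys per trigger while still covering the window), and keep the explicit `between` filter after the join, since without it an event in the same bucket but outside the window would be counted.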