Honestly, for human friendly queries, I would have taken a Splunk-query like approach, like KQL: https://learn.microsoft.com/en-us/kusto/query/?view=microsoft-fabric

It’s less likely to annoy an entire industry of SQL users, while appealing to those who use Splunk and similar tools for incident response and ad-hoc analytics.

Whether they really need their own DB for event data… perhaps… but these days you want to get this kind of data into your data lake sooner rather than later. Perhaps it can help with that.

Seems like LINQ. Also funny that a couple articles prior was an announcement of a .NET SDK, so they def are aware LINQ already exists!