// Reference : Using functions in Azure monitor log queries : https://docs.microsoft.com/azure/azure-monitor/log-query/functions
let Workplace_Facebook_view = view () {
    Workplace_Facebook_CL 
| extend tmp = parse_json(entry_s) 
| mv-expand tmp 
    | extend   
                EventUid = tmp["id"],
                EventEndTime = unixtime_seconds_todatetime(tolong(tmp["time"])),
                Changes = tmp["changes"],
                EventType = object_s,
                EventVendor = "Facebook",
                EventProduct = "Workplace"
    | project-away tmp, entry_s, object_s
};
Workplace_Facebook_view