Questions tagged [azure-log-analytics]

use for Azure OMS\Log Analytics questions

0
votes
0answers
10 views

Azure Log Analytics Aggregation Query

I am having trouble creating with the below query. I am trying to get the average number of sessions from four computers over a time interval of one hour. I then want to chart the sum of the four ...
0
votes
2answers
22 views

Error setting up Azure Function within Azure Resource under Log Analytics Workspace

I have error setting up Azure Function within Azure Resource under Log Analytics Workspace. When only AllMetrics is checked, it works. But whenever FunctionExecutionLogs is checked, error occurs like ...
0
votes
0answers
20 views

Summarizing funnels by customDimensions in Azure Log Analytics

I made a funnel in AI (customEvent1 to customEvent2), it gives me a before, after number and percentage. But I would like to summarize it by customDimension. let allEvents=customEvents | where ...
0
votes
0answers
23 views

Adding Where condition on Timestamp yields odd aggregated results

I'm looking into Azure Monitor queries for the first time, and can't understand why adding this line: | where timestamp <= ago(1days) makes the query results "de-aggregated." Screenshots of ...
0
votes
1answer
41 views

Setting up data and options used by Azure Log Analytics with API Management

I have questions on using Azure Log Analytics for API Management. I cannot find more information on Azure Log Analytics with API Management. Questions What data is Log Analytics based on by default? ...
0
votes
2answers
28 views

Azure Log Analytics - Numeric Custom Field Plot on Chart

I am looking to get statistics on people logged onto a Remote Desktop Application pool within a date range. I have created a powershell script which counts the number of sessions for a specific ...
0
votes
1answer
13 views

Delete Azure Log Analytics solution after Workspace was deleted

I had an Azure Log Analytics Worspace with two Solutions and I deleted the Workspace without deleting the Solutions. Now when I try to delete the Solutions I'm getting an Unknown error from the portal....
0
votes
1answer
29 views

Is azure TenantId equivalent to azure log analytics WorkspaceId?

I'm trying to get from azure some information about computers. What I want to get back is the list of Azure wokapceId, SourceComputerId, Resource group for each machine. I used the ...
0
votes
2answers
57 views

Azure application insights or log analytics

What is the use case for Azure application insights or log analytics? I am using APIM and Azure Functions, and want to perofrm loggings for request, which one is best fit, application insights or log ...
0
votes
0answers
64 views

Azure loganalytics python SDK always throws MissingApiVersionParameter exception

I try to follow MS official doc to get the log from my resource in Azure Log Monitor but never success. My code is like below. from azure.loganalytics import LogAnalyticsDataClient from azure.common....
0
votes
1answer
53 views

What is the name of the Agent to connect a Linux server to Azure Log Analytics Workspace?

I have the need to send my logs to Azure for my custom product. The users of my product can decide what to do (if anything) with these logs. I created a Log Analytics Workspace in the Azure Console....
0
votes
1answer
28 views

Problem seeing custom application log in Azure Log Analytics

I have an Azure Linux VM running a custom product. I want to upload the logs to Azure. At this point I just want to save the logs in Azure, but at a later date I will possibly scan the logs for ...
0
votes
0answers
51 views

Kusto queries render function ignores specified Y range

I'm having a problem with the analytics tools, specifically the Analytics inside Application Insights as well as the Logs analytics inside a Log Analytics workspace. Regardless of query or chart type,...
0
votes
1answer
67 views

Azure Log Analytics Query with WHERE clause produces no results

I'm querying log entries in Azure Application Insights originating from AppCenter Diagnostics using Azure Log Analytics. In some log entries i use custom propertys. Now i'm trying to write a query to ...
0
votes
0answers
64 views

Azure Log Analytics REST API returns 502 (Bad gateway) error

I have a function that queries the Log Analytics Batch endpoint (https://api.loganalytics.io/v1/$batch) ~450 times a day, out of which ~60 requests return a 502 Bad Gateway. It is always the same ...
0
votes
1answer
75 views

How to transform a JSON array of objects to a Kusto table?

I have a JSON schema that I get from the server and I need to transform this JSON into a log analytics query language table and use that table to make a join with another table. The JSON has the ...
-1
votes
1answer
31 views

How to connect Log Analytics to Office 365 after the OMS portal is over

Previously I used OMS portal to connect Office 365 to Log Analytics. However, I do not know how to connect after OMS portal is discontinued. Is there a way to connect Log Analytics to Office 365?
2
votes
2answers
66 views

What is the right way to store queries in a C# program?

I have written a program that uses an Azure API to run queries against the Azure log analytics repository. The language used to write this query is called Kusto. I have a lot of Kusto queries that ...
0
votes
1answer
93 views

Disconnect an Azure VM from a loganalytics workspace

i'm looking for a powershell way to disconnect a virtual machine from an OMS workspace. I wrote a powershell script to move a VM to an other subscription. So i have to re-connect this VM from '...
0
votes
1answer
54 views

Is there a way to group all the last inserted performance counters by machine in one row?

I'm trying to query log analytics Perf table. This table has performance counters about Computers. I want to get all performance counters for the machine in one row. I have written this Kusto query ...
0
votes
1answer
47 views

How can I create an alert in OMS when a Linux service is stopped?

I am trying to create an alert in OMS when a Linux service is stopped.
0
votes
1answer
41 views

Azure Log Analytics Metric Measurement Alert

I have a log query like, example_cl | top 1 by TimeGenerated desc | project in_use, unused, total = (in_use + unused) Which gives me a simple output; in_use unused total 75 45 120 I ...
0
votes
1answer
26 views

Public sample Logs table to demonstrate Kusto

The kusto tutorial references a Logs table. Is this data available publicly somewhere so as to try kusto out on a very large data store?
0
votes
2answers
42 views

makeset operation not preserve ordering?

The following command does not produce a consistent ordering of items: KubePodInventory | where ClusterName =="mycluster" | distinct Computer | order by Computer asc | summarize makeset(Computer) ...
0
votes
1answer
18 views

Tabular type used with “in” condition

How can I use a tabular type in an in conditional statement? See the last condition in the second query below: Computer in clusterNodes. I get the following syntax error: Query could not be ...
0
votes
1answer
107 views

Kusto: How can I get the value from the column that doesn't participate in a SUMMARIZE?

Having the below table and Kusto query, how can I obtain a result that has the Purchase column? let ProductsTable = datatable(Supplier: string, Fruit: string, Price: int, Purchase: datetime) [ '...
0
votes
1answer
87 views

How to create multiple alert in same time using ARM template

I want to configure Log Analytics alert using ARM templates so just following given link:- https://docs.microsoft.com/en-in/azure/azure-monitor/insights/solutions-resources-searches-alerts#sample ...
0
votes
0answers
55 views

Table joins in Azure Log Analytics

Hello can i please have some help to get this join to work? From the OfficeActivity table, if there is a result i want to check if there is also a row in the SecurityAlert table and join, probably ...
0
votes
0answers
57 views

How to fix stacked column type in Azure Log Analytics?

LogManagement default values are not displaying in CHART Using the default reports with basic settings for WAF diagnostics, I clicked the eye icon next to LogManagement it lists the table perfectly, ...
0
votes
1answer
23 views

Share Log Analytics reports

I'm creating some Log Analytics to collect data from Event Hub and Application Insights. Can Log Analytics reports be viewed by users outside of Azure? For example, can I give to my client a ...
0
votes
0answers
138 views

rsyslogd-3000: omazuremds error at connect(). errno=No such file or directory

I'm receiving the following error after cloning a Linux VM from one region to another: rsyslogd-3000: omazuremds error at connect(). errno=No such file or directory The source VM was connected to ...
0
votes
1answer
59 views

Azure Log analytics simple pie chart

I have a query like; example_CL | where field1 =="name" | top 1 by TimeGenerated desc Gives me the latest row with the latest value of "name" like; name quota used samplename 100 75 ...
0
votes
1answer
50 views

Is there a way to get which Log Analytics Workspace an Azure Resource belongs to using Powershell?

I'm looking for a way to obtain which OMS workspace my APIM Services resource is logging to using PowerShell. I want to then configure my Application Gateway to log to the same workspace. When I go ...
0
votes
0answers
170 views

NSG Flow Logs don't appear in Azure Monitor

I cannot find corresponding NSG flow logs for the action that I manually triggered. NSG Flow Logs are enabled and configured in the Azure portal under Network Watcher -> NSG Flow Logs. Only default ...
0
votes
1answer
64 views

Authenticate to Azure Log Analytics Api using OAuth2.0 Client credentials

I am trying to access my Azure app registered in Azure Active Directory(AAD). I am using the OAuth2.O Client credential protocol (https://dev.loganalytics.io/documentation/Authorization/OAuth2). ...
0
votes
0answers
87 views

How to create Azure monitoring heartbeat alert by using Terraform

I want to create an OMS Heartbeat alert using Terraform for when a server is down. How can I set an alert in OMS when a VM is powered off or is not available? I need the alert to be generated as soon ...
1
vote
1answer
71 views

Connecting Azure Activity Log to Log Analytics instance using PowerShell

Is there a way to configure Azure Activity logs to be forwarded to a Log Analytics instance using PowerShell? Essentially the same that can be performed using the Portal as outlined on this page: ...
0
votes
0answers
40 views

Azure log analytics: monitoring successful sign-ins following repeated sign-in failures

I'd like to use Azure Log Analytics to create a monitoring alert for possible brute-force attempts on my users' accounts. That is to say, I'd like to be notified by Azure (or, at the very least, be ...
0
votes
1answer
29 views

Same SourceComputerId in Log Analytics for cloned machines

Recently we had cloned new machines to our system but they are still reporting to Log Analytics with the SourceComputerId property from the source machine (which new ones was cloned from). How to fix ...
0
votes
1answer
153 views

Querying Azure Log Analytics from C# application

I am struggling for the past few day to query custom logs from Azure Log Analytics. I've been following tutorial provided by Microsoft from https://dev.int.loganalytics.io/documentation/1-Tutorials/...
0
votes
0answers
51 views

error InsufficientAccessToResource when creating new alert in oms that uses cross appinsight query

am trying to create new Alert in OMS using cross application query. In the condition box am entering query as app('appinsightname').exceptions but gui shows red alert saying invalid query. using ...
1
vote
1answer
79 views

Understanding Kusto

I am trying to understand Kusto (Log Analytics Query Language in Azure). According to the documentation; To retrieve , project name and resultsCode from the dependencies table, I need to enter the ...
0
votes
1answer
25 views

AKS custom log log analytics

I'm not able to collect customs logs inside a pod. I can not find a clear procedure for doing this with log analytics. For example, I want to collect the Solr logs that are in a pod (/opt/solr/server/...
0
votes
0answers
18 views

How to create pivot chart in log analytics

So I'm struggling with log analytics and its documentation is pretty poor. I have a table that has user_id and config_id in it. Each time a user creates a new config, I create a new "config_id" to ...
0
votes
1answer
45 views

Store and query static data in log analytics

While creating custom log search alerts in log analytics workspace, I want to store some data and query it in alert query. Basically, it is a mapping like ABC -> DEF, GHI -> JKL. These mappings can be ...
0
votes
1answer
86 views

Where are dimensions of load balancer metrics within log analytics

I'm trying to build a Kusto query based on dimension attributes of the DipAvailability metric for a load balancer in log analytics. Documentation states they are ProtocolType, BackendPort, ...
0
votes
1answer
57 views

Can I trigger LogAnalytics to send an email containing the error itself each time an error is written?

At our company we are discussing how to approach logging, in a general, generic way. We have multiple Azure subscriptions for multiple customers. My vision: Log everything to Log Analytics and send ...
0
votes
1answer
74 views

Is there an ARM template solution to create OMS alerts for Log analytics

I am trying to create an oms workspace with alerts attached to it through ARM templates. I already created an OMS workspace and for the alert part I followed the following tutorial. After some ...
0
votes
0answers
215 views

Azure Log Analytics Query/fetch data using rest api by Workspace id and PRIMARY KEY

Currently I am using Azure log analytics. I can able to post data on azure log analytics and able to see on azure portal as well. Using below reference to post/log data and It's working fine.: https:/...
0
votes
1answer
49 views

Kusto — generate data diff / delta --

I created a custom data type to store some configuration of an external product. So each day I send the configuration of this specific product / service ( multiple rows but with identical data model) ...

http://mssss.yulina-kosm.ru