Forum Discussion
custom field
I have custom filed and I want to alert me when the value passing the threshold. I have extracted the value however if anything above that value didn't get any result.
example: Custom Logs => mytestlogs_CL
extract filed => "extract_cf"
example field result => "3456" or "7856" or "3451" so on. the KQL search
"mytestlogs_CL| where extract_CF > 1"
the result is returned even tough for there are?
Deleted
Are the values strings - you have shown them with " "?
Go to Log Analytics and run query
EventID count_ 9992 24 9991 24 9993 24 9994 24 You maybe need to try, using toint() e.g. Go to Log Analytics and run query
let t = datatable (aString:string, aNumber:int) ["1234",1, "5678",2]; t | where toint(aString) > 1 | project aString
1 Reply
Deleted
Are the values strings - you have shown them with " "?
Go to Log Analytics and run query
EventID count_ 9992 24 9991 24 9993 24 9994 24 You maybe need to try, using toint() e.g. Go to Log Analytics and run query
let t = datatable (aString:string, aNumber:int) ["1234",1, "5678",2]; t | where toint(aString) > 1 | project aString