Forum Discussion

khmi905's avatar
khmi905
Copper Contributor
Aug 23, 2024

REST endpoint for querying in log traces (kusto based)

Do anyone here know if there exists a REST endpoint for querying in log traces (kusto based) like this sample:

 

traces
| where timestamp > ago(60m)
| parse message with xx "instance=" instance "," yy
| summarize ['instances'] = dcount(instance) by bin(timestamp, 60sec)

 

It works in Azure portal but I would like to execute the query programmatically and not through a UI.

 

/kristian

1 Reply

  • sdtslmn's avatar
    sdtslmn
    MCT
    Aug 23, 2024

    you can execute Kusto queries programmatically using the Azure Data Explorer (ADX) REST API.

     

    here are your parameters

     

    endpoint: https://<clusterName>.<region>.kusto.windows.net/v1/rest/query

    HTTP Request:

    • Method: POST
    • Headers
      • Authorization: Bearer <your-access-token>
      • Content-Type: application/json
    • Body 
    {
  "db": "<your-database-name>",
  "csl": "traces | where timestamp > ago(60m) | parse message with xx 'instance=' instance ',' yy | summarize ['instances'] = dcount(instance) by bin(timestamp, 60sec)"
}