Home

Azure Log Analytics

18 Conversations

Latest Activity

Custom List Message Item

Azure Log Analytics has been enhanced substantially and now offers an improved search and analytics experience. This includes interactive query language and an advanced analytics portal, both powered by a highly scalable and powerful data store.

 

The que

... Read More
708 Views
4 Replies
The links have been fixed.

None of the links seem to work

The query language needs a unique, searchable name.

We need a way to refer to the query language and to share content with the community.

As my skills with the query language grows, I can write lots of blog articles to help others with their search for help

... Read More
35 Views
2 Replies

Thanks for the recommendation, Tim! Completely agree with your sentiment.

 

For those who aren't aware, "Kusto" is the internal-MS codename for the data platform on which

... Read More

Using the new OMS Log Analytics query language, how do I get a scalar value out of a table?

That is, what is the equivalent of this TSQL query, presuming Table1 has a single row:

Select @ScalarVar = Column1 from Table1

 

47 Views
4 Replies
Hi I am not very familiar with SQL but I think you are probably are looking for let statement: https://docs.loganalytics.io/docs/Language-Reference/Query-statements/Let-statement Read More

Hi and thanks for reporting! @Noa Kuperberg to get the fix in to both the tutorial and the diffpatterns doc page.

 

The synthax has changed to diffpatterns_v2. For exampl

... Read More

Following the multiple dimensions documentation example it says

Multiple expressions in the by clause creates multiple rows, one for each combination of values.

I want to query their sample database for networks bytes Send and Received per each computer. St

... Read More
33 Views
1 Reply

Not as clean as I would like but I have figured out that a string concatenation would do the trick

 

Perf
| where (CounterName == "Bytes Received/sec" or CounterName == "Byt
... Read More

Is anyone at Microsoft or anywhere else working on a custom NLog target for write log messages to the OMS data collector API?

16 Views
0 Reply

I am experimenting with creating alerts using the new query language against data uploaded through the data collector API.

I am consistently seeing a 10 minute delay between when an alert query is run and when the alert email is sent. With tight time restr

... Read More
60 Views
2 Replies
This seems to be a bug. I've notified the responsible team for this and hopefully they will get it fixed.
Best Response

Hi, we are exporting all Activity Logs (from all subscriptions) to a separate storage account. There they are stored as json files. How can I query the files for special events with powershell? Are there any apps in the store for this? Can I query it with

... Read More
63 Views
1 Reply
Hi You can configure you Azure Activity Logs to be send directly to Log Analytics (part of OMS). From there using the new query language you can perform many functions to... Read More
Best Response

Hello,

Is it possible to authenticate with client credentials to access the log analytics API?
I've been following the steps on https://dev.loganalytics.io/documentation/Authorization and both the explicit and the implicit flow is working fine to retrieve a

... Read More
196 Views
5 Replies

(original reply replaced with resolution)

 

Hi Johan, 

 

For the direct URL https://api.loganalytics.io, we will not currently be able to support client credentials. Howe

... Read More

I'm currently getting "Disk Reads/sec" and "Disk Writes/sec" from the windows performance counters and pulling them into OMS.

 

If I use the Advanced Editor, the timechart I generate looks great as it begins at the start of my data. When I take the same que

... Read More
214 Views
7 Replies

1) When you say "pulling into OMS" - Do you mean the Log Search page in OMS or the View Designer or overview tile.

2) By Advanced Editor do you mean Advanced Analytics po

... Read More

My guess is you're overloading your chart with too much data.  I just tried it out, and increasing the bin size seems to correct it.  1sec is pretty extreme anyway for a

... Read More
Best Response

I'm trying out the Application Insights Connector in OMS and noticed that queries that worked in the Application Insights Analytics searches don't seem to work in OMS. These queries involve summarizing over custom fields of custom events.

 

What I think I'm

... Read More
205 Views
4 Replies

Hi,

I haven't used the connector myself, but indeed the data structure is not equivalent to that used in Application Insights. Summarizng the data should still be possibl

... Read More

We have a requirement where we should be able to lookup data from an external text file and use it in our filter conditions in the queries.

 

Since we did not see an option to do a lookup, we decided to attach a text file to one of the VMs and create a cust

... Read More
172 Views
6 Replies

For your query specifically it seems like this should work, assuming you have ingested using Custom Logs functioanlity data from Custom Logs into the table User4_CL.

//As

... Read More

Hi,
you can do it quite like you show above. For example, here's how you can query Event logs of computers that also have security events from the last hour:
let computers_

... Read More
Check out the latest version on the one and only free OMS book - Inside the Microsoft Operations Management Suite https://gallery.technet.microsoft.com/Inside-the-Operations-2928e342 Read More
99 Views
2 Replies

Looks fantastic Stas, wow! I hope we'll see a new version next year with the new language! I'd be happy to help, let me know if I can contribute in any way.

Hello!
I need to collect memory usage data on several VMs
One way to do so is to enable Guest Monitoring in each VM.
I wanted to know if enabling it would add costs to the subscription.
I also wanted to know if there's any easier way than enabling one by one

... Read More
84 Views
1 Reply

I can't comment on the Guest Monitoring portion (I'll have to research it), but as for OMS...

If you are using the Free Tier of OMS, then there is no cost. You are just li

... Read More

Where's the best place to request suggestions and improvements?

88 Views
2 Replies
Suggestions for the language can be requested here, or in our Log Analytics user voice: https://feedback.azure.com/forums/267889-log-analytics Read More

I'm not able to login to the Andvanced Analytics Portal - stuck at 'Hold on authentication is in progress'. Tried with a several different Log Analytics resources, even ones in different subscriptions. Any ideas?

122 Views
3 Replies
Best Response
Hi Felix, I am not able to reproduce the issue, do you still experience it? One idea is related to permissions (although you should have seen 403 error in that case). Do ... Read More

Docker container is an emerging technology to help developers and devops with easy provisioning and continuous delivery in modern infrastructure. As containers can be ubiquitous in an environment, monitoring is essential. We've developed a monitoring solu

... Read More
266 Views
0 Reply

Azure Log Analytics has been enhanced substantially and now offers an improved search and analytics experience. This includes interactive query language and an advanced analytics portal, both powered by a highly scalable and powerful data store.

 

The que

... Read More
708 Views
4 Replies
The links have been fixed.

None of the links seem to work

 

Announcing the new and improved Azure Log Analytics

The Azure Log Analytics service is rolling out an upgrade to existing customers today offering powerful search, smart analytics, and even deeper insights.

Read more here

 

 

Read More
118 Views
0 Reply