May 27 2020
12:29 PM
- last edited on
Apr 08 2022
10:27 AM
by
TechCommunityAP
May 27 2020
12:29 PM
- last edited on
Apr 08 2022
10:27 AM
by
TechCommunityAP
Hi all,
Do you know why I have duplicates records on some of my scanned files in my Log Analytics? , the only difference I see is the LogId_g which is different.
Thank you.
May 28 2020 07:25 AM
You have answered your own question, if there is a difference then it will be sent (even if the time/date is the same)
May 28 2020 10:57 AM
Thank you Clive for the answer. But do you have an explanation why the scanned files would have another different logid_g if the AIP scanner has only scanned 1 time in this repository?
May 28 2020 12:02 PM
SolutionOct 08 2020 01:52 PM
Hi @CliveWatson,
Like @VoTran I am also seeing duplicate rows in my Log Analytics workspace for AIP. This is from an AIP Scanner job. Every file discovered by the scanner has a duplicate row.
Logid_g looks like some sort of GUID, but I cannot find a complete schema reference for InformationProtectionLogs_CL table (some of the columns are described here: https://docs.microsoft.com/en-us/azure/information-protection/reports-aip)
With the Distinct operator in KQL I've managed to de-dupe the rows for reporting, however it would be fantastic if we could get an explantation for the duplicates and complete schema reference if possible please?
May 28 2020 12:02 PM
Solution