Jun 29 2020
07:57 PM
- last edited on
Apr 08 2022
10:30 AM
by
TechCommunityAP
Jun 29 2020
07:57 PM
- last edited on
Apr 08 2022
10:30 AM
by
TechCommunityAP
Are there any plans to integrate Azure Resource Graph with Log Analytics? Once the integration is available it will be super easy to setup alerts based on resource meta data and monitor data. Since both using Kusto language, it should be easy to cross workspace kind of query I guess.
Jun 30 2020 09:02 AM
@yesoreyeram you can use workbooks which can combine data from ARG and LA and Kusto
Jun 30 2020 09:07 AM
Solution@shijain13 yea. It is possible. But how do you combine results from both the queries. ( join kusto queries / cross workspace queries / etc ). Currently only we can query Log analytics / application insights.
Jun 30 2020 09:07 AM
It would indeed be useful for :
Jun 30 2020 09:12 AM
As @pvyver mentioned, it would open the possibilities like dynamic thresholds in log based queries based on resource meta data like size, environment etc. @shijain13
Jun 30 2020 09:13 AM
@yesoreyeram In workbooks we offer merge - in Add Queries you will see this as an option.
Jun 30 2020 09:15 AM
Jun 30 2020 09:18 AM
@yesoreyeram here is the doc link for merge https://github.com/microsoft/Application-Insights-Workbooks/blob/1ddc38529f498c209fb3fe21795f607d4cd...
Jun 30 2020 09:24 AM
Jun 30 2020 09:29 AM
@yesoreyeram i see so it becomes tag based management of alerts config. I believe currently you can use ARE templates for alerts to deploy to different environments. Adding @ofmanor
Jul 09 2020 11:10 AM
@yesoreyeram - this is high on our list, but unfortunately, gets pushed away, as more urgent stuff comes in. But we will get there, we understand the need and will address it.
Dec 29 2020 10:07 AM
@OlegAnaniev- I would like to join in a Sentinel workbook an ARG 'resources' query with a Log Analytics 'SecurityAlert' query to produce aggregated output like this:
Resource Group No. of Resources No. of Alerts
------------------ ------------------- --------------
rg_A 50 1,295
rg_B 125 96
Is that possible? I have tried the Merge query, however have not found a way to imclude aggregate columns.
Oct 18 2023 02:35 PM
Jun 30 2020 09:07 AM
Solution@shijain13 yea. It is possible. But how do you combine results from both the queries. ( join kusto queries / cross workspace queries / etc ). Currently only we can query Log analytics / application insights.