Blog Post: Aggregate on More Than One Column for Azure Log Search Alerts

%3CLINGO-SUB%20id%3D%22lingo-sub-202360%22%20slang%3D%22en-US%22%3EBlog%20Post%3A%20Aggregate%20on%20More%20Than%20One%20Column%20for%20Azure%20Log%20Search%20Alerts%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-202360%22%20slang%3D%22en-US%22%3E%3CP%3ELog%20Analytics%20alerts%20aka%20Azure%20Log%20Search%20Alerts%20allows%20you%20to%20create%20a%20single%20alert%20and%20trigger%20alert%20instances%20per%20a%20column.%20This%20is%20possible%20by%20creating%20metric%20measurement%20alert.%20Unfortunately%20these%20types%20of%20alerts%20also%20have%20a%20limitation%20which%20might%20be%20blocking%20in%20certain%20situation.%20The%20classical%20example%20for%20that%20limitation%20is%20to%20create%20a%20single%20alert%20that%20will%20separate%20instance%20for%20free%20disk%20space%20threshold%20for%20each%20computer%20and%20disk.%20Read%20the%20%3CA%20href%3D%22https%3A%2F%2Fcloudadministrator.net%2F2018%2F06%2F08%2Faggregate-on-more-than-one-column-for-azure-log-search-alerts%2F%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3Efull%20blog%20post%20here%3C%2FA%3E.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-202360%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAzure%20Log%20Analytics%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EQuery%20Language%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
MVP

Log Analytics alerts aka Azure Log Search Alerts allows you to create a single alert and trigger alert instances per a column. This is possible by creating metric measurement alert. Unfortunately these types of alerts also have a limitation which might be blocking in certain situation. The classical example for that limitation is to create a single alert that will separate instance for free disk space threshold for each computer and disk. Read the full blog post here.

0 Replies