Nov 14 2021
11:57 AM
- last edited on
Apr 08 2022
10:56 AM
by
TechCommunityAP
Nov 14 2021
11:57 AM
- last edited on
Apr 08 2022
10:56 AM
by
TechCommunityAP
Hi ,
Am triggering alert using application insight logs whenever the below query doesn't return any records
Alert #1
customMetrics
| where timestamp > ago(5m)
| where name == 'HeartbeatState'
| where cloud_RoleName in ('Demoservice1')
| summarize count() by bin(timestamp, 5m), cloud_RoleName;
This alert is working as expected but this alert also fires when ever Daily Data cap reached and Data ingestion is stopped .
Am using the below query using log analytics workspace logs to trigger alert when Data ingestion stopped
Alert#2
_LogOperation | where Operation =~ "Data collection stopped" | where Detail contains "OverQuota"
I don't think its possible to Suppress alert1 when alert 2 is triggered . I couldn't combine this both query because one is from AppInsight and other one is from Loganalytics worspace.
I have also tried to find Daily Cap reached message from Activity log but am not sure how can i use that along with customMetrics Query.
Any suggestion please to avoid getting alerts once Data ingestion stopped
Thanks!
Nov 15 2021 05:15 AM
Hi @Racheal2k,
Log Search Alerts supports alert rules combined from both AI + LA and looks like it should solve the problem. What was the issue you've faced with?