Azure Log Analytics returning wrong duplicates

Question

when pushing the IIS logs to Azure log analytics, then Azure log analytics produces multiple results for 1 row!

I have 2 Azure Windows VMs with a load balancer in front of them, doing round robin. For example, in the IIS log file of server 1 (on C:\inetpub\logs\LogFiles\W3SVC28\u_ex19120214.log) I see an entry, e.g.

2019-12-02 14:41:11 10.1.0.9 POST /api/workflow/0e12108c-0428-4cf7-8370-8c3531188486 - 443 - .....

On Server 2 I don´t have such an entry with that same time stamp, meaning that request was routed to server 1, and server 2 never saw that request.

However, when I go to my Log Analytics workspace in the Azure portal and write following Kusto query:

W3CIISLog
| where csMethod == "POST" and csUriStem startswith "/api/workflow/"
| order by TimeGenerated desc 

I do get multiple results back of that entry! E.g.

12/2/2019, 2:41:11.000 PM   /iislogblob/v0/tenant=0bc29ada-175f-848a-8b9d-5d171e5b9d6a/00000000-0000-0000-0000-000000000001/AOI-0bb29ada-175f-848a-8b9d-5d171e5b9d6a/214c15bd-6ac0-e4f5-9042-155aa88f1308/W3SVC28/u_ex19120214.log  168 2019-12-02  14:41:11    mytest.example.at   10.1.0.9    POST    /api/workflow/0e12108c-0428-4cf7-8370-8c3531188486  -   443 -....
12/2/2019, 2:41:11.000 PM   /iislogblob/v0/tenant=0bc29ada-175f-848a-8b9d-5d171e5b9d6a/00000000-0000-0000-0000-000000000001/AOI-0bb29ada-175f-848a-8b9d-5d171e5b9d6a/214c15bd-6ac0-e4f5-9042-155aa88f1308/W3SVC28/u_ex19120214.log  168 2019-12-02  14:41:11    mytest.example.at   10.1.0.9    POST    /api/workflow/0e12108c-0428-4cf7-8370-8c3531188486  -   443 -....

As you see, it is exactly TWICE the same there. The only difference is one property, called _ResourceID, which sometimes ends with "/virtualmachines/dotextwebvm01" and sometimes with "/virtualmachines/dotextwebvm02".

So why does Log analytics produce 2 rows there? Where does the second one come from?

There are many examples similar as the above one. However, it is not always 1 IIS entry => 2 azure log analytics rows. Sometimes it is 1 IIS entry => 1 azure log analyics row (which is correct), and sometimes 1 IIS entry => 3 azure log analytics rows.

Any idea how I can fix that?

One additional background information: I installed VM1 and later on cloned it to create VM2. So they still have the same computer name, but different azure ressource ids....