Questions tagged [azure-log-analytics-workspace]

98 questions
5 votes, 1 answer

Add a row with total in Log Analytics Kusto query

I query a request log for a summary of status codes. However I would like to add a row at the end of the results, showing the total number of requests. How do I add such a row? Current query (simplified) MyLog | summarize count() by…
3 votes, 1 answer

How can I parse path parameters from a url in KQL (Kusto for Log Analytics)?

An application insights instance is tracking the request ingestion for a service with the following url path pattern: http://testurl.net/item/{itemId}/store/{storeId}/buyme When I go to log analytics to query based on the itemId and storeId, I can…
2 votes, 2 answers

Azure Monitor to alert on low space on /root, /var and /etc

I have Azure Linux VMs for which I want to configure Azure-Monitor Alerts when my /root, /etc and /var volumes are more than 90% utilized. Please suggest a way to achieve this.
2 votes, 1 answer

KQL return size of tables in a LAW with size in GB, MB, KB

I want to calculate the size of each table in a given Log Analytics workspace and have the sizes returned in GB, MB etc. The following code works partially, but since I'm not using the units arg the format_bytes func is not returning expected…
1 vote, 1 answer

Exclude SQL statements in Audit logs for Azure SQL Server using Set-AzSqlServerAudit

I'm trying to remove all Select statements from Log Analytics of Microsoft Azure SQL server. I found in Microsoft docs that introducing PredicateExpression in Set-AzSQLServerAudit can help me to achieve this. I tried a couple of expressions to disable…
1 vote, 2 answers

Is it possible to get the ingestion volume of a Log Analytics workspace using PowerShell or any programming language?

I am getting a summary of our log analytics workspaces in the company, this includes the tables that are being used in each workspace, as well as other data such as the ingestion volume. The closest thing to "get" this is to use this command in…
1 vote, 1 answer

Understanding Azure ADX, Log Analytics, and Application Insights: Use Cases, Data Retention, and Benefits

Azure ADX (Kusto), Log Analytics (LA) & Application Insights (AI). These three offerings from Azure are a bit confusing to me. What is the situation when I will be using one over the other? I understand when I provision an AppInsights underneath a LA is…
1 vote, 0 answers

Combining rows and columns returned by kusto query into a single json key value object pair in javascript and applying pagination

Hi, I have some data in an Azure Log Analytics workspace, and have a requirement where we need to display the data retrieved from Azure to my UI. Below is the query that I tried " | take 2" And the result I received is { "tables": [ …
1 vote, 1 answer

How to use Azure Kusto to get the unique Ids from a split section in column

I have a kusto query which returns all user's url, I need to take the userId from the url and only count the unique value (by userId). What I already made is: using | project userIdSection = split(parse_url(url).Path, "/")[-1] in the query to…
1 vote, 0 answers

Azure AppInsights Distributed Tracing Issue

I am using Azure AppInsights in our FrontEnd (Angular app) and Backend API (.NET Core). We need to have distributed tracing to tie together the telemetry recorded in the tables - PageViews, Dependencies, Requests, Exceptions, etc. Now we see the…
1 vote, 1 answer

Troubleshoot App Insight displaying only some logs

I need to see the logs of a .Net application that runs in Azure App Service. I see many logs in the application source code that I expect to see in Application Insights, but, going to Application Insights > Transaction search (All data last 24…
1 vote, 1 answer

Azure Analytics Log FunctionAppLogs extract JSON fields into columns

I would like to extract the JSON fields into columns for Message: FunctionAppLogs | order by TimeGenerated desc | where FunctionName == "TelemetryListenerCalculateAlgoPostNewState" | where Message has "Telemetry Message" | where TimeGenerated >…
1 vote, 1 answer

KQL. How can I make columns to show how many VM's connected every hour in a day?

I have KQL that shows how many VM's connect in a time range. And shows Start time of connection, Stop time and Duration. My code: WVDConnections | where SessionHostName contains "VM" //| where UserName contains "" | where State contains "Started" |…
1 vote, 1 answer

FluentBit into Azure Log Analytics Workspace memory buffer

I have a client application that runs in AKS with a pod that forwards the logs to Log Analytics Workspace. The software is from a third party that they purchased and we are spitting out Log4J2 logs using the JSON formatter (a custom one, not the…
el n00b
1 vote, 2 answers

How to use KQL to format datetime stamp in 'yyyy-MM-ddTHH:mm:ss.fffZ'?

I receive the error format_datetime(): failed to parse format string in argument #2 when trying to format_datetime() using ISO8601 format yyyy-MM-ddTHH:mm:ss.fffZ. If I leave the T and the Z out, it works. Surely KQL can format datetimestamps in…
ericOnline