Stack Overflow
Stack Overflow

Questions tagged [azure-log-analytics]

Use for Azure Monitor Log Analytics questions (was: OMS)

Azure Monitor Log Analytics is a service in Azure that monitors your cloud and on-premises environments to maintain their availability and performance (used to be known as Operations Management Suite - OMS). It collects data generated by resources in your cloud and on-premises environments and from other monitoring tools to provide analysis across multiple sources. This article provides a brief discussion of the value that Log Analytics provides, an overview of how it operates, and links to more detailed content so you can dig further.

1047 questions
2
votes
1 answer

Azure Cosmos DB Logs and Diagnostic Setting

The run feature seems to be disabled for me when I go to the Logs tab in the Azure Portal in Cosmos db. I have been meaning to run the built in query to get the top queries by consumed RSU units. Also, I have enabled the "Full-text query" feature in…
Aragon
  • 43
  • 3
2
votes
2 answers

Text truncated in Azure Monitor Workbook Table Columns

Im trying to write queries on Azure Workbook so that I can run queries on our logs, which would allow me to drill down and view exactly what the exception message is. While doing so, when I execute a KQL query, on the workbooks, the column values…
user1220169
  • 805
  • 2
  • 9
  • 14
2
votes
1 answer

Unable to link storage account to Log analytics workspace

We are using fluentbit to output application logs to a Azure log analytics workspace. The application log does appear in the workspace as a table under the Logs blade, Custom Logs category. So far so good. Due to the maximum retention period of the…
Frank Liu
  • 1,466
  • 3
  • 23
  • 36
2
votes
2 answers

How To use Azure Update management for Automating patch management of all Virtual machines under a subscription including future machines

I have an Azure policy which install Microsoft monitoring agent on all the VMs I have Automation Account which is linked to the Log analytics workspace. The Automation Account has a scheduler which has a dynamic query to fetch all the VMs with Tag…
Anjali Loganathan
  • 166
  • 9
2
votes
1 answer

Azure Dasboards alert based on percentage

In Azure dashboards, is there any way we can trigger alerts based on percentage instead of counts?.. Example if total total failures in 20 minutes is 20%, then trigger alert than just cheking the counts of the failures? Here setting the count is…
Vowneee
  • 956
  • 10
  • 33
2
votes
1 answer

How to use Kusto to return a max() row from a table, while showing other columns not used in the max grouping

Given the following Log analytics KQL query : SigninLogs | where ResultType == 0 | summarize max(TimeGenerated) by UserPrincipalName I need to display other columns from those selected rows in the SigninLogs table. I've tried different approaches…
AdamC
  • 23
  • 1
  • 3
2
votes
1 answer

how to use wildcard (*) for join parameter in KQL?

I'm racking my brain with this and would like some help. :) I want to know how to use wildcard(*) for join union parameter. I need to join two tables with the same names in the fields, however, some fields may come with the wildcard(*), since for…
luizao_f
  • 21
  • 3
2
votes
1 answer

what is the kusto query to get all the logs from all services which gets logged into azure monitor

I need to get all the logs from all services (data factory, data bricks, synapse analytics) in one place in the Azure monitor using a single kusto query. The below query gives me only data factory activity runs, I need a kusto query to get all logs…
Mounika
  • 63
  • 1
  • 5
2
votes
1 answer

Share basic Kusto query between multiple queries of a workbook

In my daily work I use Azure Log Analytics along with the Azure Monitor Workbooks. In most of these scenarios I am using some sort of parameters that users can use to drill down / limit the scope of the provided queries. This requires my to provide…
Basti Tee
  • 145
  • 4
2
votes
2 answers

Azure data factory and Log analytics

I want to perform some validation checks in ADF on my input data and any validation failures want to capture into Azure log analytics. Can someone guide me how to capture the custom logs into log analytics through Azure Data Factory please. Any…
Kumar G
  • 55
  • 2
  • 8
2
votes
1 answer

Getting number of rows using Left Join kql? Function 'row_number' cannot be invoked in current context. Details: the row set must be serialized

I have the following query: let p1 = pageViews | where url has "xxx"; p1 | join kind=inner (pageViews | where url !has "xxx") on session_Id | project timestamp1, session_Id1, url1, client_CountryOrRegion1, client_StateOrProvince1,…
Matas Vaitkevicius
  • 58,075
  • 31
  • 238
  • 265
2
votes
1 answer

Formatting milliseconds smartly

I have a query that summarizes some data that is in milliseconds: requests | summarize avg(duration) by name When I display this data, I would like to format it so that it shows the amount of time in a smart way: Examples: 1500 would display 1.5…
Dismissile
  • 32,564
  • 38
  • 174
  • 263
2
votes
4 answers

Express decimal with precision of 2 in KQL?

I have a value, expressed in bytes, being returned from an Azure Log Analytics query: I want to convert this to megabytes and make it more human readable. In this case, "4.19 MB". When I try to convert the byte value into megabyte, I can't seem to…
ericOnline
  • 1,586
  • 1
  • 19
  • 54
2
votes
2 answers

Strategies for working with more than 30k records in Azure Log Analytics results?

I have a Log Analytics Diagnostic Setting on a very active ADLS Gen2 Storage Account. The goal is to reconcile blobs uploaded to Containers within the Storage Account with blobs processed by an Azure Function. Problem: Azure Log Analytics does not…
ericOnline
  • 1,586
  • 1
  • 19
  • 54
2
votes
0 answers

Exception: 'Failed to start, as hybrid worker was not available when scheduled job started and last logged

I am using Azure Updatement Management for Windows VMs. I am getting the error below from several vms: Exception: 'Failed to start, as hybrid worker was not available when scheduled job started and last logged active at May 6 2021 7:56PM UTC. For…
MoonHorse
  • 1,966
  • 2
  • 24
  • 46
1 2 3
69 70