Azure Monitor-Log Analytics

Welcome to the "Azure Log Analytics ":https://azure.microsoft.com/en-us/services/log-analytics/ Feedback page. We appreciate your feedback and look forward to hearing from you. Use this site for new ideas and bug reports or to request help.
NOTE – Log Analytics is now a part of Operations Management Suite. Learn more at http://microsoft.com/OMS

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. archive data

    Would it be possible to archive data back to on-premise once the data retention limit is hit - specifically with logs?
    Maybe a powershell do download everything.

    It would be handy for organisations that need to keep information longer than 12 months.

    14 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)

    In the future we will work on plans for higher retention policy.

    For the ‘export’ functionality, you might want to check the API idea http://feedback.azure.com/forums/267889-azure-operational-insights/suggestions/6519057-programmatically-submit-search-requests-and-receiv but, realistically, after you uploaded terabytes of data over a few months time… even the concept of downloading everything back at that point seems daunting.

  2. Collect CMDB data held in the Windows registry

    I'd like to have the means to inventory a specific registry key location and bring in the values into OMS as associated with each computer. We imprint CMDB data at a known registry location and having this collected into OMS will allow me to create dynamic groups based on CMDB data.

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  3. Monitoring for ALL Azure Services

    I see on https://docs.microsoft.com/en-us/azure/log-analytics/log-analytics-azure-storage that monitoring for several Azure services is still missing, for example Machine Learning, Stream Analytics, Data Factory. These tools provide their own or storage/log structure for investigation, but a centralized monitoring solution for all our Azure services would be beneficial to avoid checking individually for problems in each service. Currently, we have to resort to creating custom monitoring code in Azure functions.

    Monitoring a custom log structure stored in blob storage would also be essential.

    11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  4. Failed to import the latest Advisor Management Packs to the Management Server

    Getting the following Alerts in SCOM 2012 server every 12 hours...
    Date and Time: 6/21/2016 11:08:36 PM
    Log Name: Operations Manager
    Source: Advisor
    Event Number: 55006
    Level: 2
    Logging Computer: SCOM-SERVER.DOMAIN.local
    User: N/A
    Description:
    Failed to import the latest Advisor Management Packs to the Management Server. Reason: System.ArgumentException: The requested management pack is not valid. See inner exception for details. Parameter name: managementPack ---> Microsoft.EnterpriseManagement.Common.ManagementPackException: Verification failed with 1 errors: ------------------------------------------------------- Error 1: Found error in 2|Microsoft.IntelligencePack.InventoryChangeTracking.Configuration|1.0.0.0|Microsoft.IntelligencePack.InventoryChangeTracking.Configuration|| with message: Could not load management pack [ID=Microsoft.SystemCenter.Library, KeyToken=31bf3856ad364e35, Version=7.0.8433.0]. The management pack was not found in the store. : Version mismatch. The…

    11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  5. Two successive configuration applications from OMS Settings failed

    When I used log search, I found error message about Linux Agent for DSC.

    - Error Message
    Two successive configuration applications from OMS Settings failed – please report issue to github.com/Microsoft/PowerShell-DSC-for-Linux/issues

    I found that this issue is discussed in below:
    https://github.com/Microsoft/PowerShell-DSC-for-Linux/issues/258

    But the date of fix is unknown.
    Error is very noisy for collecting log from Linux Agent.
    So, I want to know the date of fix as soon as possible.
    I want to decrease this error.

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  6. Integration with public rest API's for Sentiment Analysis

    Ability to pull in Four Square Checkin's, Twitter Feeds, weather etc so sentiment analysis can be added to log analysis for business realated event analysis

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  7. Include "Valued caching policies" on the analytics result

    It would be very helpful if you have a built-in mechanism for counting value cache misses/success.

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)

    Thanks for your feedback. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  8. Capture DNS Server logs

    Can the OMS agent capture Microsoft-Windows-DNS-Server/Analytical logs?

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  9. Custom Logs to support Unicode files

    SQL Server supports unicode files only and this is not a supported format to import into custom logs. https://blog.sqlauthority.com/2018/05/14/sql-server-fix-msg-22004-the-log-file-is-not-using-unicode-format/

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  10. Add kubernetes specific information to container logs

    When running the agent on a Kubernetes cluster, it would be very useful to add kubernetes specific information to the log lines. For example:

    - namespace
    - pod name
    - tags

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  11. Add multiple performance counters at once

    When adding performance counters to collect, ability to add multiple performance counters at once with wildcards like: Processor(*)\* or SQLServer*

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  12. Enable IP geolocation resolver on custom logs containing IP addresses

    We use IIS advanced logging to add fields to our logs. This means we cannot ingest normal IIS logs. Therefore we ingest IIS logs using the Custom Logs feature. We do not get geo IP address lookups in this case.

    Please add a feature for all custom logs to indicate which columns contain client IP addresses, and enable geo resolution for those columns.

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  13. Auto Extraction of JSON Data

    It needs the ability to import JSON files (and other fomats such as XML) and have the fields auto extracted as custom fields. Without this, it makes searching on new fields cumbersome and creating new custom fields for all new JSON fields isn't feasible.

    This would more closely match the capabilities of Splunk and allow more people to make a more seamless transition.

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  14. Native XML Format Log Parsing/Ingestion

    Several tools, including Microsoft's tools such as IE Enterprise Discovery Toolkit, create XML formatted logs - please add the ability to parse/ingest XML format natively so we don't have to convert it to UTF-8 first.

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  15. Can I monitor process on Linux?

    Linux Agent can not monitor process other than custom log.
    When is process monitoring installed as a standard function?
    Customer wants to use it.
    Because customer need to take cost for using Custom Log.
    Now, customer redirects result of ps command to Custom log file.
    They want to stop these operation.

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  16. Apply Custom Fields to Data already on OMS and not only New Data

    Custom Fields is a great feature, allowing a flexible parsing of logs. But Custom Fields apply only to new data sent to OMS, and not 'old data'.
    Please make possible applying custom fields to old data so we can go back in time and benefit from the new fields we define.

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  17. Combine machine data with database data

    the goal here is to allow LA lookups database. so user can reference fields in an external database that match fields in machin data that has already collected by LA . Using these matches wiill add more meaningful information and searchable fields to enrich event and machine data.

    i can see it as a Connector to database

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  18. Ability to pull logs from log files using encoding other than UTF-8 and ANSI

    Ability to pull logs from log files using encoding other than UTF-8 and ANSI. This will be very useful to pull logs from MS SQL Server Logs like ERRORLOG and SQL Agent Log files, since these are not encoded using UTF-8 or ANSI. Also, OMS should be able to deal with log files which do not have an extension. For example, we cant pull off logs from SQL Server ERRORLOG since this file does not have an extension.

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  19. Add Log Analytics PerfMon Mapped Network Drives

    Allow collecting of Performance Monitoring logs relating to Mapped Network Drives

    wmi Win32_MappedLogicalDisk exists so adding it as a collection option should not be too bad

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  20. Exchange 2013/ 2016

    Exchange 2013/ 2016 Solution.
    Database failover info, if you want to really suck in a lot of data (we want this) transport tracking e.g. message delivery tracking. and Distribution Group usage (what DL's arnt being used)

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  • Don't see your idea?

Feedback and Knowledge Base