Azure Monitor-Log Analytics

Welcome to the "Azure Log Analytics ":https://azure.microsoft.com/en-us/services/log-analytics/ Feedback page. We appreciate your feedback and look forward to hearing from you. Use this site for new ideas and bug reports or to request help.
NOTE – Log Analytics is now a part of Operations Management Suite. Learn more at http://microsoft.com/OMS

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Allow user to define the sample data set for Custom Field mapping with FastExtract

    Log Analytics provides for modeling custom fields in custom logs using FastExtract.

    The mapping tool limits the user to the top 100 log entries when doing the modeling of custom fields. This can be seen in the interface when doing a field extract by clicking the "hide tips" link in the right hand side. The tips scroll away revealing the Condition section which indicates a "take 100" limit.

    I've struggled to create fields that contain all possible values for a field or column in my custom logs due to this arbitrary limit.

    A much more useful implementation would be to…

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  2. Provide a means to strip confidential info from Event logs such as ids, server names, etc

    Certain info in Event logs especially the security log could be useful to hackers. This needs to be treated as sensitive info. Assume this info could be compromised.

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  3. Import custom xml .net app logs

    Custom Log import. We have some .net applications that write error logs to a .xml file and we would like to be able to import and parse those logs.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  4. Application Data Collection for All Win10 OS.

    ability to pull application information for all versions of operating system, not just those that are below the target OS level. This could be tied into PowerBI then, to show high-level information about the applications installed. Currently the Data in the OMS portal is only displayed for Operating systems below 1709, therefore we are unable to view app data for a couple thousand devices, that are already upgraded to 1709. An Example of a report we would like to see is attached. (currently pulling from Upgrade Analytics tables)

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  5. Create a functionality for synthetic IP Logging for something similar to pingdom

    A functionality for synthetic tracking for Uptime SLA would be extremely useful. Currently we use: pingdom, but it would be nice to consolidate down our tooling.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  6. Grouping Custom Fields with the same name and different Custom Log name

    Hi everyone,

    It's possible group all Custom Fields, with the same name but with different Custom Log name?
    EX: Custom Field: Module_Name_s Custom Logs: Custom_Log1_CL, Custom_Log2_CL

    Best Regards
    Hugo F.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  7. Collect data from Azure SQL Database.

    Customer want to various logs to the "Log Archive System". If we can use Azure SQL Database as a source, we can collect all kind of logs from it with custom solution writing to Azure SQL Database.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  8. Data Type Format

    Hi,

    It will be an good idea if we could change de Data Type Format assumed by OMS. Ex: When i send many data over HTTP Data Collector API some fields are recognized like string and not numbers.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  9. � Symbols in many Custom Fields of Custom Logs

    Hi,

    I'am experiencing the appearing of � on every registry's who have characters with accents. Ex: Patrício. On OMS it appears like: Patr�cio.
    (Maybe a codification problem)
    It's possible solve that problem?

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  10. Selective custom log collecting | filter custom log BEFORE send data to OMS

    We need a solution with which we can define which entries are sent to the OMS cloud. This is the only way to ensure that no sensitive data is sent to the OMS Cloud..

    The best solution would be to define which log entries are sent. For example, only all entries that contain "xyz" – like Nagios rules.

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  11. Ability to create index for custom fields

    As an administrator of OMS I have created some custom fields on e.g. syslog message from a Cisco ASA device. The field values are system codes that is hard to remember for the Network Guys who are using OMS to analyse the syslog events, so they ask for a feature where they could map the values/codes to a more descriptive sentence instead of having to look at a reference document outside of OMS.

    If the OMS admin could enable the creation of a custom index for a custom field, they could map the ASA values/codes to the descriptive values. That…

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  12. Full instance name for performance counters

    Exchange Server has composite Instance names. For example, latency info for databases is located in "MSExchange Database ==> Instances(*)\I/O Database Reads (Attached) Average Latency" counter . An instance name looks like 'Information Store - DB1\_Total', 'Information Store - DB2\_Total'. But Log Analytics leaves only last part of an instance value an I see "_Total#1", "_Total#2" etc. It's not possible to identify a corresponding database. It's necessary to store a full instance name in some column.

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  13. Custom Field Data extract

    Hi guys,

    When i try to extract data to a new custom field this error appears and i don't had any custom field with the same name that i give to the new.

    The error is:

    This is an error of OMS?

    Congrats

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  14. BUG: Log Search Filtering by TimeGenerated range produces different results than the setting date range through gui

    Problem:
    Log filtering by date range behaves inconsistently.

    Search 1
    Perform search of "Type=Event | Measure count() by EventID" with the 'Data based on last 1 day' restriction (on the left side of the screen)

    Search 2
    Now perform search of "Type=Event TimeGenerated:[NOW-24HOURS..NOW] | Measure count() by EventID" with same 'Data based on last 1 day'

    Problem 1 -
    The results are not the same - with a bigger problem coming up next

    Search 3
    Repeat search 1 "Type=Event | Measure count() by EventID"
    and NOW Search 3 matches Search 2

    WHAT THE HECK?

    To re-trigger the mis-match, simply change…

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  15. Preserve original event log order even if events have the same source time at millisecond level

    When two events fire very closely together in an application, their order is correct in the windows event log. However, in OMS log search, they are in random order, since their time is the same on the millisecond level.
    There are times that the event order is important.

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  16. kubelet

    it would be really nice to add the functionality to collect kubelet logs to log analytics for AKS monitoring.

    sudo journalctl -u kubelet -o cat

    https://docs.microsoft.com/en-us/azure/aks/kubelet-logs

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  17. Ability to monitor AD FS - Admin logs

    I want to collect events from the AD FS Admin log, but it is not listed as an available event log when I go to Data - Windows Log Events

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  18. Connect to Azure Storage should not take you to documentation

    I want to add additional storage accounts but all it keeps doing wihen I click connect is take me to documentation. Clicking the Connect to Azure Storage button should take me to a location to connect, not send me to a documentation page

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  19. read logs from database table

    Allow logs to be collected from a database table. this is a common place for applications to store error or audit logs (in our case an ETL is logging progress and status to 2 tables).

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  20. Sort Custom Fields Ascending / Descending for each column

    After custom fields are created through the Data Collector API, they appear in alphabetical order. Nice would be, if I could click on the column header and it would sort accordingly ascending or descending.

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  • Don't see your idea?

Feedback and Knowledge Base