Azure Monitor-Log Analytics

Welcome to the "Azure Log Analytics ":https://azure.microsoft.com/en-us/services/log-analytics/ Feedback page. We appreciate your feedback and look forward to hearing from you. Use this site for new ideas and bug reports or to request help.
NOTE – Log Analytics is now a part of Operations Management Suite. Learn more at http://microsoft.com/OMS

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Request to add BMC Remedy partner type in ITSM Connection

    Hi Team,

    Could you please add BMC Remedy partner type in ITSM connection in LogicApps as this connection is not available which is commonly used tool in most of the software companies.
    Adding this connector will help us to automatically creates remedy tickets whenever there is a failure in ADF or if any component reaches threshold limits

    73 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  2. Please DO NOT RETIRE the demo site: https://portal.loganalytics.io/demo#/query/main

    For log analytics, there is a demo site: https://portal.loganalytics.io/demo#/query/main, which is very useful for testing purpose since it has a lot of data.

    And now I see it will be retired on September 2nd, 2019, please keep it alive.

    20 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  3. Send logs for all Office 365 audit log entries/schemas

    Currently O365 logs are only collected for AzureActiveDirectory, Exchange, SharePoint and OneDrive workloads. Please add support for other audit log schemas as well, eg. the ones that are exposed via Office 365 Management Activity API: Teams, PowerBI, Sway, Yammer, ...

    38 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)

    Thanks for the valuable feedback. Your feedback is open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  4. Collect Log Analytics Logs by vNet not through internet.

    We would like to collect logs without going through the internet.
    We need to be able to connect some URLs on the Azure Datacenter via the Internet.
    Communication is encrypted and URLs are fixed, but important data such as security logs are sent, so it is more secure if we can collect it simply by connecting to vNet.
    If this feature is implemented, we can collect more important data such a customer data and audit information.

    31 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  5. multiple OMS subscriptions to ability to pipe all Log Analytics data to one main OMS subscription

    We have multiple subscriptions under one tenant and one subscription will have 160 plus OMS subscriptions, all of which function as separate entities with their own resources. we would like to have the ability to pipe all Log Analytics data from these secondary subscriptions into your main subscription main OMS subscription, mostly for Threat Intelligence and Security Analytics so that you can correlate the data together. And to work with azure sentinel. Currently we have call AAD and office 365 data and AIP data go to the main OMS subscription. We need a central way to correlate data.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    8 comments  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks a lot Aaron Shvarts for sharing your requirement. Currently there is a support to query cross resources with in Azure Monitor. However the limit is for 100 workspaces or application insights instance with in a query. https://docs.microsoft.com/en-us/azure/azure-monitor/log-query/cross-workspace-query . Please have a look and see if that could cater your requirement. We understand that the limit is 100 and your requirement is 160+ resources. Please let us know if the cross resource query is something you can use and if there is a feature requirement to increase the current limit of 100, that can be done by a new feedback thread. Thanks

  6. Log Analytics - Alert rule does not work if the table is not yet created

    We want to create an alert rule on the non-existent table(yet), this is because we are sending the PSCustomObject to the custom table from the automation job, once the problem occurs, the initial table will be created with the results. We want to pre-recreate this rule, workaround, for now, is to generate the table with some custom data. Can this be fixed please?

    17 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  7. Include "Valued caching policies" on the analytics result

    It would be very helpful if you have a built-in mechanism for counting value cache misses/success.

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)

    Thanks for your feedback. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  8. Support systemd template unit file

    So it would be great to enable Log Analytics to track change/enable inventory gathering on systemd services that are using systemd template.

    I had a ticket with support that confirmed to me it wasn't supported and sent me here to request a feature... So here I am, I feel it's more of a bug than a feature. If you say the agent support services/daemon inventory and it can do it with "normal" sytemd unit file, I think it should simply work with template too.

    What is a systemd unit file template ? https://fedoramagazine.org/systemd-template-unit-files/

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Change Tracking Solution  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  9. Add wildcard character feature for folder in Custom log path

    introduce this wildcard character feature in log path future.
    For example
    C://test/*/log/*.log

    20 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  10. Send alerts with resolved state for log alert rules

    Related with: https://feedback.azure.com/forums/267889-log-analytics/suggestions/12898992-activated-resolved-states-for-alerts-with-auto-res

    The documentation says:

    Log alert rules comprise of custom query-based logic provided by users and hence without a resolved state. Due to which every time the conditions specified in the log alert rule are met, it is fired.

    It would be nice if there were a possibility that if the alert is fired, and the next time the query is executed it does not satisfy the condition to be fired again, then a resolved alert could be sent.

    14 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  11. The oms custom logs should support the custom timestamp rather than the static format

    Hi,
    We are working with the Radius NPS (Network Policy Server) and would like to push this custom log logs to oms. However we got the failure.

    "CLIENTCOMP","IAS",03/07/2008,13:04:33,1,"client",,,,,,,,,9,"10.10.10.10","npsclient",,,,,,,1,,0,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

    I referred to this guideline: https://docs.microsoft.com/en-us/azure/azure-monitor/platform/powershell-workspace-configuration#configuring-log-analytics-to-send-azure-diagnostics

    and

    https://docs.microsoft.com/en-us/azure/azure-monitor/platform/data-sources-custom-logs?toc=%2Fazure%2Fazure-monitor%2Ftoc.json#custom-log-record-properties

    Looks like the oms custom log just only supported:
    YYYY-MM-DD HH:MM:SS
    M/D/YYYY HH:MM:SS AM/PM
    Mon DD, YYYY HH:MM:SS
    yyMMdd HH:mm:ss
    ddMMyy HH:mm:ss
    MMM d hh:mm:ss
    dd/MMM/yyyy:HH:mm:ss zzz
    yyyy-MM-ddTHH:mm:ssK

    I believe that the OMS would be used in many systems and customers, so the oms custom logs should be supported the custom timestamp as needed.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  OMS Gateway  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  12. DCR: powershell cmdlet to collect activity log across subscription in Log analytics workspace

    We have activity log solution here: https://docs.microsoft.com/en-us/azure/azure-monitor/platform/collect-activity-logs
    cx want to do the below steps by powershell command:
    - Configure activity logs to go to your Log Analytics workspace.
    - In the Azure portal, select your workspace and then click Azure Activity log.
    - For each subscription, click the subscription name.

    Currently we don't have any powershell commands to do the same, as I know, we have some powershell command to enable custom logs in log analytics, hence please also provide similar command to connect activity logs in workspace across subscription.

    30 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  13. Make Azure Log Analytics Dependency Agent available in Azure Portal GUI

    You currently can install the Dependency Agent through Azure Portal GUI, must use either PowerShell, ARM templates or possibly (haven't tested) Azure Policies. How?! Why?!

    Please make it possible to manage the Dependency Agent extension through the Azure Portal web GUI.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Service Map  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  14. Provide ability to query resource Graph data from Log Analytics

    Please provide option to query resource graph data from Log Analytics. That will allow to correlate data between those and some interesting scenarios will be possible. Also you should be able to use Log Analytics query that reaches resource graph and you can create Log Search alert.

    48 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Extensibility  ·  Flag idea as inappropriate…  ·  Admin →
  15. custom logs timestamp

    Please add this timestamp delimiter YYYY-M-D HH:mm:ss.

    Currently have logs in an application that use this and would like to gather the custom logs using this delimiter format.

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  16. Log analytics to support multi dimensional metrics input from Event Hubs

    Sending multi-dimensional metrics via diagnostic settings is not currently supported. Metrics with dimensions are exported as flattened single dimensional metrics, aggregated across dimension values.
    For example: The 'Incoming Messages' metric on an Event Hub can be explored and charted on a per queue level. However, when exported via diagnostic settings the metric will be represented as all incoming messages across all queues in the Event Hub.

    The Diagnostics and Metrics team did confirm that the Incoming messages metric is multi-dimensional. And because of this when sending the data to Log Analytics it will only present all of the incoming messages…

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  17. Color customization in log analytics chart

    A feature to customize the color of the charts should be available, as the default colors don't make any sense in many scenarios (green, blue, etc). Furthermore, when publishing the charts into a dashboard, the colors and chart shape are changed again (from pie to donut and from green and blue to dark blue and light blue).
    The ability to choose the colors should be added to the "render" method and consistency between the actual chart in log analytics and the published chart in the dashboard are very important features that should be available.

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  18. Network Performance Monitor : custom network test has a test frequency of min 5 minutes

    Network Performance Monitor - Configuration - Service Connectivity Monitor. The custom network test has a test frequency of min 5 minutes. 5 minute intervals to check an endpoint is too long, its also too long to graph out trends or analyses in troubleshooting. 1 minute intervals will be needed. This is the only thing preventing my clients from using this solution for network monitoring.

    20 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Network Monitoring  ·  Flag idea as inappropriate…  ·  Admin →
  19. Recursive Log Collection paths

    Recursive Log collection paths for Custom Logs

    This will help users like me with folders that have logs + subfolders with logs.

    39 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  20. Add Tenant root management group into Activity log's drop down list

    We can't select Tenant root management group in Activity log's "Management group" drop down list.

    Customer can apply policy on Tenant root management group. And the activity log should record the policy change on Tenant root management group.

    Please add Tenant root management group into Activity log's drop down list. So that we can check the activity log of Tenant root management group

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

← Previous 1 3 4 5 44 45
  • Don't see your idea?

Feedback and Knowledge Base