Azure Monitor-Log Analytics

Welcome to the "Azure Log Analytics ":https://azure.microsoft.com/en-us/services/log-analytics/ Feedback page. We appreciate your feedback and look forward to hearing from you. Use this site for new ideas and bug reports or to request help.
NOTE – Log Analytics is now a part of Operations Management Suite. Learn more at http://microsoft.com/OMS

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Can't create alerts based on cross-resource queries

    It used to be possible through the OMS portal to link an Application Insights instance to Log Analytics. Since the portal is being depreciated, along with the App Insights connector, we are forced to use cross-resource queries to query an App Insights instance from a separate Log Analytics instance. This works fine for general queries, but we cannot create alerts based on cross-resource queries. The alert will not create because of a "syntax error", when the same query works in Log Analytics.

    There should be a way to ingest App Insights data into a Log Analytics instance. Or else we…

    44 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    completed  ·  3 comments  ·  Alert Management Solution  ·  Flag idea as inappropriate…  ·  Admin →
  2. log analytics workspace upgrade

    In old oms under settings->data-> applicationinsight connector option was there and i had option to choose which all application insights in my subscription i want to associate with oms.

    in new ui where can i find that same setting or is it taken away ? if taken away then how will multiple appinsight data go to oms.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  3. Alert Management (solution) is missing from Azure Marketplace (June 7, 2018)

    (updating with screenshot)

    The Log Analytics solution, Alert Management, does not come up in search results across the Azure Marketplace.

    See documentation here https://docs.microsoft.com/en-us/azure/log-analytics/log-analytics-solution-alert-management

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Alert Management Solution  ·  Flag idea as inappropriate…  ·  Admin →
  4. Bug with Log Analytics widget on Azure Dashboard

    I defined a query in Azure Log Analytics and then I tried to pin it to a dashboard in azure portal, but the widget doesn't load and there is an error in the console logs. Check the attached files.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  My Dashboard  ·  Flag idea as inappropriate…  ·  Admin →
  5. A Saved Search can only be deployed once via ARM templates

    Currently, a Saved Search in Log Analytics can only be deployed once via ARM templates. After the initial deployment of a saved search, subsequent deployments will fail with an error which states 'Bad Request'.

    Resource Microsoft.OperationalInsights/workspaces/savedSearches 'searchName' failed with message
    {
    "error": {
    "code": "BadRequest",
    "message": ""
    }
    }'

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    completed  ·  2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  6. Alert correlation - OMS <-> SCOM

    Alert correlation from System Center Operations Manager.
    Moving closer and closer towards hybrid and privat cloud, we are seeing a huge trend in complexity with monitoring, alert correlation and event management (ITIL).
    I would love to see more focus on some sort of alert correlation for SCOM in OMS.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Alert Management Solution  ·  Flag idea as inappropriate…  ·  Admin →
  7. OMS email alert notifications does NOT send emails to nested Security Groups

    OMS email alert notifications should be able to handle sending emails to a nested security group or DL i.e. security group that has another security group/DL as a member. Right now, the email does not get sent out.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Alert Management Solution  ·  Flag idea as inappropriate…  ·  Admin →
  8. update compliance

    Detailed Patch Status for Workstations in System Update Assessment
    Similar to MMA (Microsoft Monitoring Agent) for servers that provides security patch level details, provide a similar capability for Win 10 workstations that are registered to send data to OMS.

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  9. Billing Cost Tile in OMS

    I am loving OMS it is fantastic. It would be great to see the billing tab or the Azure PowerBI or just the ability to attach PowerBI charts into the dash. That way I could see everything I would consider important on the one screen. Currently I need 2 browsers to monitor billing and the other metrics.
    Keep up the good work with OMS its fantastic.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  My Dashboard  ·  Flag idea as inappropriate…  ·  Admin →
  10. differentiate between computers with the same name

    when an agent is deployed on several machines with the same name there is an issue to differentiate several data sets between these computers, for example all performance data solutions have only the computer name field but no computerid field (like the one in the heartbeat solution for example) causing miss calaculation
    additionally the heartbeat solution enables us to get the resource and resourcegroup fields for azure machines but only for windows machines again blocking easy differentiation

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  11. ability to organize myself the intellingent packs on portal

    Would be great to have the ability to organize myself the structure of the portal, for example put on TOP the management pack that are the more interesting (relevant) for me.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  My Dashboard  ·  Flag idea as inappropriate…  ·  Admin →
  12. ceiling

    you have round() and floor(), why not ceiling()?

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Search UI and Language  ·  Flag idea as inappropriate…  ·  Admin →
  13. Alert

    In most cases when you are looking at the Alert Management Solution you do not care about the instances of an alert - especially if you have been notified by runbook/webhook/email.

    I'd wager that most people care about the data in the search query that caused that alert and the data it returned. Having to copy and paste the LinkToSearchResults is quite time consuming. The UX on this should be improved to allow jumping directly to the search results that caused the alert, would save time on training too!

    18 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Alert Management Solution  ·  Flag idea as inappropriate…  ·  Admin →
  14. Raise the maximum alert rules from the limit of 250.

    We are running into the maximum limit of 250 rules, which is requiring our organization to change our alerting workflow to work around this limit and makes the OMS solution not feel scalable as an alerting tool.

    48 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Alert Management Solution  ·  Flag idea as inappropriate…  ·  Admin →

    While OMS puts a restriction of up to 250 Alerts via OMS Portal – the solution is scalable to beyond these limits. The limit is only put in place to prevent abuse.

    If your organization requires more than 250 Log Analytics based Alerts – be it in OMS or Azure; please reach out to Microsoft Support / Account representatives or Azure Partner. They’ll guide you through the process of increasing alerts, as required for your organizational needs.

  15. Programmatically add intelligence pack connections (like Office 365)

    Right now, I have to go in manually (old world) and type in my username and password (old world) for Office 365 to get it enabled into monitoring.

    When I set up a tenant, I don't want to have to click and type, nor anyone to see passwords. I want to automate and manage my passwords and connections securely through automation / orchestration solutions.

    Thus, I'd like Powershell or other API endpoints to configure and connect OMS to sources such as Office 365, and also to be able to change the password and/or account used to connect to such sources.

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    completed  ·  0 comments  ·  Security and Audit Solution  ·  Flag idea as inappropriate…  ·  Admin →
  16. filter

    We have a part of a query which is used in many other queries the same way. This part is used in saved searches, alerts and overview parts.

    E.g. We have a query part that filters to Special five Services to be watched. And this is used in many hole queries this additional filter to time, Computer, etc.

    If there's a change in this part of query we have to correct it everywhere it is used.

    E.g. We have to add a sixth Service to the filterlist to be watched

    It would be great if there's a solution to save…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Search UI and Language  ·  Flag idea as inappropriate…  ·  Admin →
  17. Reduce Service Map inital load time by not default displaying service map of first server in list.

    On entering the Service Map solution you have to wait for the Loading Map Data message to disappear before you can start to use the Filter field. This can make you wait 20-30 seconds to render a service map for a server that you're not interested in.

    Would be nicer to drop start to a quick loading Service Map overview screen or just not render anything.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Service Map  ·  Flag idea as inappropriate…  ·  Admin →
  18. Provide Alert management in the Azure Portal

    Add support for Alert management in the Azure Portal. We really need this option.

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Alert Management Solution  ·  Flag idea as inappropriate…  ·  Admin →
  19. Azure AD Group alert targeting in OMS

    It would be great with an option to limit alerts to specific groups of people in Azure Active Directory. Basically the same functionality that is possible with email notification, where we can enter the "Recipients" of the email alert notification.

    Alerts on a group level should happen both at the OMS API level and also in the Mobile App. I get a lot of alerts that is intended for other group or people.

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Alert Management Solution  ·  Flag idea as inappropriate…  ·  Admin →
  20. Add the ability to export the server listing (to excel, text file, etc.) which could then be used for internal asset management comparisons

    Add the ability to export the server listing (to excel, text file, etc.) which could then be used for internal asset management comparisons. We could use this export against the Security Map export to validate server missing. Would also allow us to compare that export with an internal Asset Management inventory list to find deltas in machines not having the Dependency agent installed. we have a large organization (3,500+ servers) and we want to make sure all servers get the Monitoring and dependency agent.

    33 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Service Map  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 20 21
  • Don't see your idea?

Feedback and Knowledge Base