Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more here.

Azure Monitor-Log Analytics

Welcome to the "Azure Log Analytics ":https://azure.microsoft.com/en-us/services/log-analytics/ Feedback page. We appreciate your feedback and look forward to hearing from you. Use this site for new ideas and bug reports or to request help.
NOTE – Log Analytics is now a part of Operations Management Suite. Learn more at http://microsoft.com/OMS

How can we improve Azure Log Analytics ?

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback

  1. Allow to search for 'parts' of a datetime field

    real world scenario: I need to analyze my alerts distribution by time windows (i.e. how many of them overnight vs during the day) and based on week day (how many on Sunday, Monday, ...)
    I think this scenario can be applied to every data source you have. To do that we need to be able to query on parts of the datetime fields.

    11 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close
    You have left! (?) (thinking…)
    0 comments  ·  Search UI and Language  ·  Flag idea as inappropriate…  ·  Admin →
    planned  ·  AdminOMS Log Analytics Team (Product Manager, Microsoft Azure) responded

    I have this capability on my query language improvement backlog already. I would like to allow folks to search via local time (instead of ISO UTC time) and use keywords like Sunday, 6PM, etc.

    This is currently behind JOIN, Regex, DEDUP, and search time custom field extraction.

  2. Minify on W3CIISLog

    Minify works great for logs. Specifically we would like to get REST endpoints our of the csUriStem

    11 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close
    You have left! (?) (thinking…)
    planned  ·  1 comment  ·  Search UI and Language  ·  Flag idea as inappropriate…  ·  Admin →

  3. Change a saved search (hassle free)

    Add the ability to change a saved search, without having to remember the exact same name and group to override the existing query. At the same time a rename function would be nice.

    7 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close
    You have left! (?) (thinking…)
    0 comments  ·  Search UI and Language  ·  Flag idea as inappropriate…  ·  Admin →

  4. Add "render" option for query language

    Can we please have an option to display search results into different types of graphics? Similar to Kusto (or Application Insights Analytics) which has an option to render the search results into different graphics.
    For example:
    requests
    | where timestamp >= ago(24h)
    | summarize requestCount=count() by client_CountryOrRegion
    | order by requestCount desc
    | render piechart

    6 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close
    You have left! (?) (thinking…)
    0 comments  ·  Search UI and Language  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Azure Monitor-Log Analytics

Categories

Feedback and Knowledge Base

(thinking…)
Hosted by UserVoice