Azure Monitor-Log Analytics

Welcome to the "Azure Log Analytics ":https://azure.microsoft.com/en-us/services/log-analytics/ Feedback page. We appreciate your feedback and look forward to hearing from you. Use this site for new ideas and bug reports or to request help.
NOTE – Log Analytics is now a part of Operations Management Suite. Learn more at http://microsoft.com/OMS

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Add support for SQL Databases

    To complete the monitoring scenario with PaaS services in Azure we will value the possibility of adding Operational Insights for Azure SQL Database to help to detect complex escenarios and points for improvement (most heavey queries, concurrency, use of the performance tiers, DTUs, in my apps, detect cpu consuming queries, RAM consuming queries, etc.).

    48 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  2. User specified delimiter for custom logs

    Request to introduce user defined delimiter for Custom logs

    We run into issues where we're unable to delimit RabbitMQ log timestamp format
    dd-MMM-yyyy::HH:mm:ss
    Unfortunately, there is no configuration for us to change that timestamp format in RabbitMQ and have to implement a heavy workaround in order to work around this to convert it to a date time format supported by Microsoft then forwarding it to OMS.

    47 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  3. Fix Bug in Agent

    We started seeing this error after installing the OMS agent on our servers.

    An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {45FB4600-E6E8-4928-B25E-50476FF79425} was rejected.

    A quick search on the internet shows other people have the same error after installing the OMS agent also.

    46 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)

    We’re aware of an issue that can cause this error to be logged when the Update Assessment solution is installed.
    You can check if this is what you’re seeing my temporarily removing the Update Assessment solution and confirming the errors stop.

    The Update Assessment solution functionality is not affected and you can safely ignore this error.

  4. Next Generation Firewall Solution Pack

    Possibility of leveraging OMS for log correlation/SIEM with 3rd party firewalls such as Cisco, Fortinet, Sonicwall, etc. Maybe have vendors create OMS solution packs for their product offerings to sell?

    46 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  5. software inventory

    I'd like to be able to perform full software inventory on servers and be able to identify non-current versions of programs installed, i.e. JAVA, Adobe Reader etc.

    Management Suite should be able to push the newest versions to servers.

    46 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Security and Audit Solution  ·  Flag idea as inappropriate…  ·  Admin →
  6. Service Map to automate Micro Segmentation of NSGs

    As Service Map can Identify all network connectivity it would be very beneficial if it was possible to create Automated Suggestions for Microsoft Segmentation of Network Security Groups for the Security Admin to consider and Automate the Deployment of.

    45 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Service Map  ·  Flag idea as inappropriate…  ·  Admin →
  7. Custom Logs (import and delete) and add custom timestamps

    One amazing idea is create custom fields on custom log sample process. Another good idea is add more timestamp samples (like ISO 8601 format, YYYYMMDDThhmmss.fffK where YYYY: Year, MM: Month, DD: Day in month, T: Delimiter, hh: Hour, mm: Minutes, ss: Seconds, fff: Milliseconds, K: Time zone offset) or add the possobility to create a custom timestamp.
    It will be possible delete some imported custom logs to make some tests?

    45 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)

    We’re planning on allowing you to import/export Custom Logs & Fields via the UI & ARM Templates. We’re currently implementing the ARM support today for most of Settings in OMS.

    Thanks for sharing some of the timestamps you need. Feel free to e-mail them to me here: evanhi(at)microsoft.com

    We’re actively planning way for you to specify timestamps yourselves.

  8. Being able to collect logs from OSX clients. All logs would be great; I'm specifically interested in security related events.

    Natively (no agent) send Syslog traffic to a collection point and have it upload the logs to Log Analytics.
    Use an agent to install on OSX that can send OSX logs to a collection point or direct to Log Analytics.
    I’m specifically interested in security related logs from Mac client machines on Enterprise networks. That said if were able to collect logs it shouldn’t be limited to security information. It would be nice to be able to see patch level, ability to collect all logs, performance metrics, etc.

    44 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Security and Audit Solution  ·  Flag idea as inappropriate…  ·  Admin →
  9. NLog target for OMS data collector API

    Please implement a NLog target for the OMS data collector API

    43 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  10. Skip operator for Query Search

    Old version Log Analytics has 'Skip' operator.
    But now, New version of Log Analytics Query does not have 'Skip' operator.

    I want this feature.
    Because when we use Query via REST API, for limitation about Log Analytics API, we cannot download all logs at one time.
    So, we must execute API many again and again.

    If there is 'skip' operator, I can use 'skip' and 'limit' for repeat.
    Now because there is no 'skip' operator, I don't get log from Log Analytics via REST API.

    43 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  2 comments  ·  Search UI and Language  ·  Flag idea as inappropriate…  ·  Admin →
  11. More scheduling options for alert triggering

    Most of us have monitoring rules that are somehow different in the week end (or at night), just because some resources are left down. For example, I wanted to create an alert for when a particular VM was not started by automation on week days. Although I can easily set up that query to work on week days, it will unnecessary trigger an alert on weekends. Therefore, having a more advanced scheduler for alerts would be great, such as this: "check for this alert every X minutes with <everyday|weekdays|specific> recurrency"

    43 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Alert Management Solution  ·  Flag idea as inappropriate…  ·  Admin →
  12. Allow me to remove managed systems (Management Groups and Directly Connected Servers/Agents) from Usage page

    Implements a feature to remove managed ( Management Groups and to Directly Connected Servers ) Overview Usage from want? I think even if servers Connected Directly, the agent is uninstalled, cannot be removed from Operational Insights Usage. Cannot disconnect in the SCOM Management Groups are for the Operational Insights on want to remove.

    41 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)

    In the current implementation, Management groups CAN already be removed, but only once they are ‘stale’ == have not reported ANY data for >14days, the link to remove will appear.

    The number of Directly reporting agents in ‘settings’ page is the actual number of servers registered, but the drill down will take you to search (where servers presence is inferred from the data).

    We will be working on options to de-register directly connected servers, similarly to we offer for SCOM management groups.

  13. RDS infratruture monitoring

    Hi Team, could we add monitoring for RDS infrastructure into MOMS ? ie. user logged on, user client IP, client IP latency , Client App latency etc.

    41 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  14. Recursive Log Collection paths

    Recursive Log collection paths for Custom Logs

    This will help users like me with folders that have logs + subfolders with logs.

    39 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  15. OMS ability to monitor & Alert on Azure changes such as Tags

    It would be great if it were possible to audit changes on Azure such as Tags, which we could then use to trigger runbooks. Currently I use a lot of time running automation runbooks on schedules to look for these changes. Auditing of any change in the portal would be great, then we would be empowered to alert on specific conditions.

    39 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  OMS Gateway  ·  Flag idea as inappropriate…  ·  Admin →
  16. Allow for performance data to be monitored by the VMware solution

    Add the possibility to monitor performance data as well in VMware environments, both for the hosts and for the VM´s.

    Examples for what I would want to look at with the solution;
    * Are there any snapshots? If so, what´s the size and age of these?
    * Show information about the datastores connected, both the size and usage details (free space, used space etc.)
    * Host CPU and memory utilization
    * VM CPU and memory utilization

    39 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  17. Support the import of complex JSON objects

    Just discovered it's not possible to import complex JSON objects, even objects with an array of strings fails. Please allow for the ability to import complex JSON objects!

    39 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Extensibility / Partner scenarios  ·  Flag idea as inappropriate…  ·  Admin →
  18. Send logs for all Office 365 audit log entries/schemas

    Currently O365 logs are only collected for AzureActiveDirectory, Exchange, SharePoint and OneDrive workloads. Please add support for other audit log schemas as well, eg. the ones that are exposed via Office 365 Management Activity API: Teams, PowerBI, Sway, Yammer, ...

    38 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)

    Thanks for the valuable feedback. Your feedback is open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  19. 38 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  20. Dynamics 365 Analytics

    I'd like to be able to analyse metrics from my 'Dynamics 365 for Operations' deployments (Prod and Sandboxes), much like you can O365 Analytics solution ...please :)

    ...I imagine this would appeal to CRM peeps too.

    Cheers,

    Thad

    37 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  • Don't see your idea?

Feedback and Knowledge Base