Log Analytics

Welcome to the "Azure Log Analytics ":https://azure.microsoft.com/en-us/services/log-analytics/ Feedback page. We appreciate your feedback and look forward to hearing from you. Use this site for new ideas and bug reports or to request help.
NOTE – Log Analytics is now a part of Operations Management Suite. Learn more at http://microsoft.com/OMS

How can we improve Azure Log Analytics ?

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Multi tenancy: Collect Azure Health logs from different Azure tenants

    We manage Azure tenants for multiple companies. We want one central monitoring and automation Workspace to manage all these different tenants.
    Although you can collect data from vm agents in different Azure tenants as well as data from different Office365 tenants it is not possible to get the Azure Health logs from different tenants into one OMS Workspace.

    505 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Extensibility / Partner scenarios  ·  Flag idea as inappropriate…  ·  Admin →
  2. 6 hours SLA on indexing custom log data is a very long time to alert on

    According to this article https://azure.microsoft.com/en-us/support/legal/sla/log-analytics/v1_1/ SLA on indexing log data might take up to 6 hours. OMS has built in alerting that allows you to trigger actions within 5 minutes of data arrival. But if indexing takes more than 5 minutes - then what's the point of creating alert that might trigger on something that is no longer a problem, or not trigger at all if there is real problem. What is the average data indexing time? Log Analytics would be much more useful and have many more applications in real world if that indexing time is much lower. 6…

    359 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)
    You have left! (?) (thinking…)

    We have recently published an article – https://docs.microsoft.com/en-us/azure/log-analytics/log-analytics-data-ingestion-time that details various aspects of data ingestion time for Log Analytics, and clarifies distinction between the financially-backed SLA and our Service-Level Objectives. In fact, the typical latency to ingest data into Log Analytics is between 3 and 10 minutes, with 95% of data ingested in less than 7 minutes.

    We are also actively working to bring this latency down even further, and many customers already report that they experienced a significant improvement, but more is coming.

  3. Use Windows Event Forwarding (WEF) to send events to OpInsights

    Would it be cool if you could configure Windows Server WEF (Windows Event Forwarding - http://technet.microsoft.com/en-us/library/cc748890.aspx ) to send to Advisor for Log Management scenario, without using the SCOM agent ?
    Alternatively, if one already has a forwarder/collector (WEF/WEC) architecture in place, could it be possible to use just one SCOM agent/gateway to pull the 'forwarded' logs stored on that collector from that single box to the cloud.

    330 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  4. 327 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  5. Azure Machine Learning with Log Analytics

    1 on OMS with Azure ML. As organizations lack the ability to mine through mounds of log data to detect trends and determine what services are running well and which services may need help.

    Problem Management is one of the processes that requires Incident/Event data to determine trends. Many organizations struggle with this as they need to have a person look at this data and analyze it. Using OMS Analytics data and pumping to through Azure Machine Learning and providing insights would be valuable to IT organizations.

    This would increase IT Organization’s maturity and drive business value.. I see a…

    303 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  6. Improve multitenancy for managed services providers

    Currently we can have one subscription per MG and/or consolidate multiple MGs into one single subscription. What's missing is the ability to have groups of different systems from the same MG to report to different subscriptions. In management as a service scenario for SMB customers it's often impractical to have 1 MG per customer, rather multiple customers are consolidated into one infrastructure (MG) and then access is limited via scoping. Bring this to Advisor, please.

    299 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    7 comments  ·  Workspace Settings / Administration  ·  Flag idea as inappropriate…  ·  Admin →

    We’ll be working to bring this functionality in stages over the next several months.

    One of the first steps is to ensure that workspace creation and configuration can be done programmatically.

    We’re also looking at how to report across multiple workspaces.

  7. StorSimple Management from OMS

    Could it be possible to add StorSimple to the OMS dashboard? I would like to see monitoring, usage, updates and snapshots from within the dashboard.

    274 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  8. Provide an Intelligence Pack for System Center Service Manager

    Create an intelligence pack for System Center Service Manager to provide additional analytical data for problem management, incident analysis, and configuration item analysis.

    272 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  9. Azure Operational Insights for on-premises

    We want to install "Azure Operational Insights" to on-promises.
    Many of customer can not upload their logs to Azure (legal or etc...).

    261 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    13 comments  ·  Flag idea as inappropriate…  ·  Admin →
  10. Support Nano Server

    Support Nano Server

    248 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    11 comments  ·  Flag idea as inappropriate…  ·  Admin →
  11. Collect IIS Advanced logs

    Allow the collection and addition of custom fields using advanced logging or custom IIS modules. Example is to add x-forwarded-for to IIS logs in W3WC format.

    217 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)
    You have left! (?) (thinking…)

    Let’s see how many come here and vote this, but we probably won’t special case this one log type ourselves.

    We are anyhow doing work to enable per-tenant schema (since your fields would be different than mine) – tracked as part of the ‘custom fields’ work http://feedback.azure.com/forums/267889-azure-operational-insights/suggestions/6519270-allow-to-perform-parsing-and-custom-fields-extract
    to be followed eventually by ‘custom logs’ http://feedback.azure.com/forums/267889-azure-operational-insights/suggestions/7113030-collect-text-log-files
    and
    http://feedback.azure.com/forums/267889-azure-operational-insights/suggestions/7928931-collect-data-from-custom-containers-in-storage-acc

    which will enable this scenario – and many more!

  12. Rename workspace

    Ability to rename workspace should appear in new Azure portal after migration will be done.

    204 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    14 comments  ·  Workspace Settings / Administration  ·  Flag idea as inappropriate…  ·  Admin →
  13. Log Analytics: Service Map export to visio

    Create a export to Visio function to export the Service Map canvas to visio file/s

    204 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    triaged  ·  6 comments  ·  Service Map  ·  Flag idea as inappropriate…  ·  Admin →
  14. Do not sunset the OMS mobile until the Azure mobile can display dashboards and chart information.

    Do not sunset the OMS mobile app until the Azure mobile app can effectively replace the functionality. The current Azure mobile application cannot display any dashboards (including Azure dashboards) nor can it display log analytics or application insights queries. This functionality is currently only available in the OMS mobile app!

    181 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    14 comments  ·  Mobile App  ·  Flag idea as inappropriate…  ·  Admin →

    We are actively seeking for feedback in this area, as this is non trivial decision for us. Based on the user voice, there seems to be some passionate supporters for this capability, yet, the number of users actively using the app remains very low. Would love to hear ideas on how to reconcile this:
    1. is it just a great demo feature?
    2. Which one of the features users are using – dashboards vs. search vs. alerts?
    3. Could something like PowerBI be a viable alternative? If not – what’s missing?

  15. Collect IIS Logs from Windows Azure Diagnostics storage (WAD) for Azure Web Sites

    Azure WebSites write to WAD in a different folder structure. The work of this other idea http://feedback.azure.com/forums/267889-azure-operations-insights/suggestions/6519377-collect-iis-logs-from-windows-azure-diagnostics-st enables reading those IIS logs for Azure Cloud Services (i.e. web role instances) but not for Azure Web sites.
    This new idea is for the latter scope.

    169 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)
    You have left! (?) (thinking…)

    Cloud Services / Virtual Machines write with a different container/folder structure in Azure blob than Azure WebSites. Our current ingestion processes the former, not the latter.

    Anyhow, also consider the ‘generic’ idea of a platform feature to ingest your own logs http://feedback.azure.com/forums/267889-azure-operational-insights/suggestions/7928931-collect-data-from-custom-containers-in-storage-acc

  16. Collect Azure Active Directory Security logs with OMS

    You should be able to see reports regarding "Azure Active Directory" Security logs. (sign-in/audit/...)

    There already is a Azure possibility to see Azure Active Directory Reports. It would be nice to have this data in OMS.

    158 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    planned  ·  6 comments  ·  Security and Audit Solution  ·  Flag idea as inappropriate…  ·  Admin →
  17. One Overall OMS Dashboard integraded with SCOM - Cisco Prime -Solarwinds

    Lot of Enterprise organizations have Multi monitor environment Like Microsoft SCOM for Servers in the Datacenter, Cisco Prime for network infrastructure like WiFi and SolarWinds for Network components. Monitoring from outside to inside like Microsoft OMS could be the Service in the middle and make One single Dashboard for the Business, but also for IT Pro's.

    155 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)
    You have left! (?) (thinking…)

    Thanks you for taking the time to provide this feedback. We are looking at developing a centralized alerting view which will support monitoring tools like Nagios, Zabbix, Solarwinds. If you are interested in participating on the private preview of this solution please email me.

  18. Expand Data Retention for Security and Audit IP

    Provide to ability to expand the data retention to 3-8 years. Some customers do have compliance rules to save their security related data for 8 years. When this could be accomplished we move our ACS implementations on premise to OpInsights.

    151 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    7 comments  ·  Security and Audit Solution  ·  Flag idea as inappropriate…  ·  Admin →
  19. Add multiple Azure subscriptions to OMS workspace

    At the moment you can't link multiple Azure subscriptions to one OMS workspace. This would be very usefull for MSP's. We are using SCOM to monitor customers on-prem infrastructure and want to link SCOM to a OMS workspace linked to multiple Azure subscriptions.

    143 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    triaged  ·  1 comment  ·  Workspace Settings / Administration  ·  Flag idea as inappropriate…  ·  Admin →
  20. Show Contextual data such as CPU and RAM for servers

    When I click over a list that shows servers and select a given server from the list it would be nice to get a quick overview of the system. Such as OS SKU, CPU, RAM, Disk Free and so on.

    127 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: oidc
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Search UI and Language  ·  Flag idea as inappropriate…  ·  Admin →

    We have not forgotten about this but this is a multi-faceted feedback that expresses a desire (show me/let me pivot to contextual data), but besides the graphical interaction we need to bring the right capabilities and the right data types to the platform first.

    A first step in this direction is the common ‘Computer’ field – http://feedback.azure.com/forums/267889-azure-operations-insights/suggestions/6519266-unify-standardize-computer-field-across-intellig
    that allows you to pivot from one data type to another, and to join different data types thru sub-searches http://feedback.azure.com/forums/267889-azure-operational-insights/suggestions/6519234-filter-groups-of-computers-thru-subqueries-in-n
    (which anyhow are generic and work with other fields too)

    We are starting to discuss what a UX for ‘context’ could look like, but we are not finished with bringing in new data types to make that really compelling :-)

    One example of such ‘context’ is in the form of tracking configuration changes – http://feedback.azure.com/forums/267889-azure-operations-insights/suggestions/6519185-need-configuration-change-tracking-solution-softw so you can move from a troubleshooting scenario (capacity or events) to a ‘context’ of what has changed…

← Previous 1 3 4 5 44 45
  • Don't see your idea?

Feedback and Knowledge Base