Log Analytics

Welcome to the "Azure Log Analytics ":https://azure.microsoft.com/en-us/services/log-analytics/ Feedback page. We appreciate your feedback and look forward to hearing from you. Use this site for new ideas and bug reports or to request help.
NOTE – Log Analytics is now a part of Operations Management Suite. Learn more at http://microsoft.com/OMS

How can we improve Azure Log Analytics ?

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Sharepoint Online uptime percentage

    We would like to be able to monitor a notify when users are unable to read or write any portion of a SharePoint Online site collection for which they have appropriate permissions.

    1 vote
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Flag idea as inappropriate…  ·  Admin →
    • Get-​Azure​Rm​Operational​Insights​Search​Results Limits to 5000 results how would I get 20000

      How do export more than 5000 results, as Get-​Azure​Rm​Operational​Insights​Search​Results limits to 5000. We are looking to export 20000.

      5 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        I agree to the terms of service
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        0 comments  ·  Extensibility  ·  Flag idea as inappropriate…  ·  Admin →
      • schedule patching

        Dynamically re-evaluate computer group membership of existing update schedules.
        Currently, when creating a recurring update schedule, the computer group query is only evaluated once.
        It should be re-evaluated at least after each run, or ideally once a day.

        3 votes
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          I agree to the terms of service
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          0 comments  ·  System Update Assessment Solution  ·  Flag idea as inappropriate…  ·  Admin →
        • 3 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            I agree to the terms of service
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            0 comments  ·  Flag idea as inappropriate…  ·  Admin →
          • Update management check for last update rollup installed

            I need to know how many Update rollup months were missed with the new update cadence. Because we run a month behind I need to know if a server is up to date to the previous Month. The easiest way would be to see what is missing, approved and not superseded by another installed patch from WSUS.

            3 votes
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              I agree to the terms of service
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              0 comments  ·  Flag idea as inappropriate…  ·  Admin →
            • Azure Automation tile in overview pane not showing data

              We installed the MMA on a VM on Azure, registered the Hybrid Worker using Add-HybridRunbookWorker, and we can see and use the Hybrid Worker from the automation account, still the pane in the OMS overview pane keeps saying "Enable Hybrid Workers for your Automation accounts".

              Any ideas, or workarounds? - Thanks.

              1 vote
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                I agree to the terms of service
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                1 comment  ·  Flag idea as inappropriate…  ·  Admin →
              • Add non-production pricing tier

                Please add a more affordable pricing for dev/test/qa systems. (that could be with less daily upload limits for them. That way, we could make it more viable to have all our systems(prod/dev/test) in OMS, in a single workspace. It would make it easier as currently, SCOM can only link to a single workspace and duplicating alerts/configuration in multiple workspace is not convenient.

                7 votes
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  I agree to the terms of service
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  0 comments  ·  Workspace Settings / Administration  ·  Flag idea as inappropriate…  ·  Admin →
                • log integration for linux machines

                  I would like to see integration between Azure Log Integrator and Linux VM diagnostics. Currently Linux VM Diagnostics data goes to a storage account but Azure Log Integration server does not collect the info. It only collects the info for Windows servers. It will be nice to also read Linux diagnostics into Azure Log Integrator.

                  1 vote
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    I agree to the terms of service
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                  • I would to embed Azure Personalized Views as Sharepoint web part

                    I would embed Azure Personalized Views as Sharepoint web part

                    1 vote
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      I agree to the terms of service
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      0 comments  ·  My Dashboard  ·  Flag idea as inappropriate…  ·  Admin →
                    • Reduce Service Map inital load time by not default displaying service map of first server in list.

                      On entering the Service Map solution you have to wait for the Loading Map Data message to disappear before you can start to use the Filter field. This can make you wait 20-30 seconds to render a service map for a server that you're not interested in.

                      Would be nicer to drop start to a quick loading Service Map overview screen or just not render anything.

                      3 votes
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        I agree to the terms of service
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        0 comments  ·  Service Map  ·  Flag idea as inappropriate…  ·  Admin →
                      • Monitoring for ALL Azure Services

                        I see on https://docs.microsoft.com/en-us/azure/log-analytics/log-analytics-azure-storage that monitoring for several Azure services is still missing, for example Machine Learning, Stream Analytics, Data Factory. These tools provide their own or storage/log structure for investigation, but a centralized monitoring solution for all our Azure services would be beneficial to avoid checking individually for problems in each service. Currently, we have to resort to creating custom monitoring code in Azure functions.

                        Monitoring a custom log structure stored in blob storage would also be essential.

                        2 votes
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          I agree to the terms of service
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                        • OMS Workspace Setting error - unable to see connected Azure Resource in OMS Workspace

                          unable to see connected Azure Resource in OMS Workspace from Azure portal.

                          I am trying to see the connected azure resource from "workspace datasource" from OMS Workspace created in Azure portal

                          1 vote
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            I agree to the terms of service
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            0 comments  ·  Workspace Settings / Administration  ·  Flag idea as inappropriate…  ·  Admin →
                          • Selective custom log collecting | filter custom log BEFORE send data to OMS

                            We need a solution with which we can define which entries are sent to the OMS cloud. This is the only way to ensure that no sensitive data is sent to the OMS Cloud..

                            The best solution would be to define which log entries are sent. For example, only all entries that contain "xyz" – like Nagios rules.

                            3 votes
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              I agree to the terms of service
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                            • Filter Data Collection in OMS Gateway before send it to OMS

                              Please implement on the OMS gateway the possibility to filter the collected data before they are sent to OMS.

                              For example, compliance rules can be Using Regex.

                              This is a very important requirement from the security departments, so that no sensitive data such as UPN etc. get into the public cloud.

                              3 votes
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                I agree to the terms of service
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                                0 comments  ·  OMS Gateway  ·  Flag idea as inappropriate…  ·  Admin →
                              • Integration with Microsoft Dynamics 365 - Organization Insights

                                Create a solution to monitor Dynamics 365 using Organization Insights: https://appsource.microsoft.com/en-us/product/dynamics-365/mscrm.04931187-431c-415d-8777-f7f482ba8095?tab=Overview

                                - Usage
                                - Capacity Managment
                                - Performance
                                - Licenses
                                - etc..

                                3 votes
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  I agree to the terms of service
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)
                                • Custom Log Date Delimiter should include yy/MM/dd hh:mm:ss

                                  For Custom Log record delimiter, can we add timestamp support for yy/MM/dd hh:mm:ss ?

                                  example: 17/05/02 21:53:03

                                  6 votes
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    I agree to the terms of service
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Query ResourceId from within a VM

                                    We have multiple test environments in different Azure resource groups. Each test environement is isolated but they have the same "computername fqdn"; have the same AD setup. At present the only workaround is to use the Azure VM extension, but it is limited.

                                    If we can query the resourceid a VM belongs to from inside the VM, and if every OMS record has "resourceid" as a parameter for Azure VM's, it would be really helpful.

                                    7 votes
                                    Vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      I agree to the terms of service
                                      Signed in as (Sign out)
                                      You have left! (?) (thinking…)
                                      0 comments  ·  Azure Resource Management  ·  Flag idea as inappropriate…  ·  Admin →
                                    • key vault

                                      Is it possible to integrate Azure Key Vault auditing and analytics with the Security Center, in order to quickly see any security concerns regarding the access and use of keys within the Key Vault?

                                      Also related would be automated certificate expiration notifications.

                                      1 vote
                                      Vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        I agree to the terms of service
                                        Signed in as (Sign out)
                                        You have left! (?) (thinking…)
                                        0 comments  ·  Security and Audit Solution  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Adhoc check "Security Baseline Assesment"

                                        I want to check my server setting by "Security Baseline Assessment".
                                        When updating group policy, and When decreasing Failed rule numbers.

                                        Now, I need to wait next 24 hours after updating group policy to get checking rule results.
                                        Regards,
                                        Yoshihiro Kawabata

                                        1 vote
                                        Vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          I agree to the terms of service
                                          Signed in as (Sign out)
                                          You have left! (?) (thinking…)
                                          0 comments  ·  Security and Audit Solution  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Add ability to collect via WMI Query

                                          It would be hugely beneficial if to collect information via WMI without using a custom runbook.

                                          Information provided by WMI could be used to build custom searches (Groups) based on results of a WMI query.

                                          Another advantage of collecting WMI information without the use of a runbook is there is great monitoring data inside the WMI classes but the hourly frequency of a runbook is not frequent enough to leverage the data.

                                          3 votes
                                          Vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            I agree to the terms of service
                                            Signed in as (Sign out)
                                            You have left! (?) (thinking…)
                                            0 comments  ·  Extensibility  ·  Flag idea as inappropriate…  ·  Admin →
                                          ← Previous 1 3 4 5 34 35
                                          • Don't see your idea?

                                          Feedback and Knowledge Base