Azure Monitor-Log Analytics
Welcome to the "Azure Log Analytics ":https://azure.microsoft.com/en-us/services/log-analytics/ Feedback page. We appreciate your feedback and look forward to hearing from you. Use this site for new ideas and bug reports or to request help.
NOTE – Log Analytics is now a part of Operations Management Suite. Learn more at http://microsoft.com/OMS
- For general discussion/question and answers (not ideas and bug reports) use the MSDN Forum
- Onboarding issues? Read this troubleshooting guide
- How do I do XYZ? Try our documentation
- Customers with Premier support can log support cases via Premier
- Customers with Azure support agreements can log support cases in the Azure portal
-
Multi tenancy: Collect Azure Health logs from different Azure tenants
We manage Azure tenants for multiple companies. We want one central monitoring and automation Workspace to manage all these different tenants.
Although you can collect data from vm agents in different Azure tenants as well as data from different Office365 tenants it is not possible to get the Azure Health logs from different tenants into one OMS Workspace.506 votesYou can send Azure Activity Logs (aka operational events/audit events) for multiple subscriptions to a single log analytics workspace.
Is this what you mean by Health logs? If so, you can query for them with Type=AzureActivity Category=ServiceHealth
Additional guidance for service providers:
https://docs.microsoft.com/en-us/azure/log-analytics/log-analytics-service-providers-Richard
-
6 hours SLA on indexing custom log data is a very long time to alert on
According to this article https://azure.microsoft.com/en-us/support/legal/sla/log-analytics/v1_1/ SLA on indexing log data might take up to 6 hours. OMS has built in alerting that allows you to trigger actions within 5 minutes of data arrival. But if indexing takes more than 5 minutes - then what's the point of creating alert that might trigger on something that is no longer a problem, or not trigger at all if there is real problem. What is the average data indexing time? Log Analytics would be much more useful and have many more applications in real world if that indexing time is much lower. 6…
363 votesWe have recently published an article – https://docs.microsoft.com/en-us/azure/log-analytics/log-analytics-data-ingestion-time that details various aspects of data ingestion time for Log Analytics, and clarifies distinction between the financially-backed SLA and our Service-Level Objectives. In fact, the typical latency to ingest data into Log Analytics is between 3 and 10 minutes, with 95% of data ingested in less than 7 minutes.
We are also actively working to bring this latency down even further, and many customers already report that they experienced a significant improvement, but more is coming.
-
Use Windows Event Forwarding (WEF) to send events to OpInsights
Would it be cool if you could configure Windows Server WEF (Windows Event Forwarding - http://technet.microsoft.com/en-us/library/cc748890.aspx ) to send to Advisor for Log Management scenario, without using the SCOM agent ?
Alternatively, if one already has a forwarder/collector (WEF/WEC) architecture in place, could it be possible to use just one SCOM agent/gateway to pull the 'forwarded' logs stored on that collector from that single box to the cloud.331 votesThis is currently under development, scheduled to be in preview later in 2018
-
327 votes
We’ll watch interest. Can you comment/provide scenarios/use cases? is the idea to collect (thru the agent? or from azure subscription?) certificates and show/allow searching their properties?
-
Azure Machine Learning with Log Analytics
1 on OMS with Azure ML. As organizations lack the ability to mine through mounds of log data to detect trends and determine what services are running well and which services may need help.
Problem Management is one of the processes that requires Incident/Event data to determine trends. Many organizations struggle with this as they need to have a person look at this data and analyze it. Using OMS Analytics data and pumping to through Azure Machine Learning and providing insights would be valuable to IT organizations.
This would increase IT Organization’s maturity and drive business value.. I see a…
307 votes -
Provide an Intelligence Pack for System Center Service Manager
Create an intelligence pack for System Center Service Manager to provide additional analytical data for problem management, incident analysis, and configuration item analysis.
275 votesCan you provide a RANKED list of what is MOST and LEAST important for the various capabilities and scenarios that SM provides? i.e. you listed
- problem management
- incident management
- configuration items
… -
StorSimple Management from OMS
Could it be possible to add StorSimple to the OMS dashboard? I would like to see monitoring, usage, updates and snapshots from within the dashboard.
274 votesThanks for the idea, Ben. Let’s see how much traction this feedback receives from the community.
-
Azure Operational Insights for on-premises
We want to install "Azure Operational Insights" to on-promises.
Many of customer can not upload their logs to Azure (legal or etc...).261 votesThis features remains unplanned at this point of time. No plans for offline distribution. Thank you
-
Support Nano Server
Support Nano Server
249 votesThis feature is planned.
-
Collect IIS Advanced logs
Allow the collection and addition of custom fields using advanced logging or custom IIS modules. Example is to add x-forwarded-for to IIS logs in W3WC format.
218 votesThis feature request is still under review and team is actively prioritizing with existing backlog. Will keep the thread updated as we move forward.
-
Log Analytics: Service Map export to visio
Create a export to Visio function to export the Service Map canvas to visio file/s
207 votes -
Rename workspace
Ability to rename workspace should appear in new Azure portal after migration will be done.
204 votesWe previously allowed the renaming of workspaces but it wasn’t carried forward when we moved from Silverlight to HTML.
-
Collect IIS Logs from Windows Azure Diagnostics storage (WAD) for Azure Web Sites
Azure WebSites write to WAD in a different folder structure. The work of this other idea http://feedback.azure.com/forums/267889-azure-operations-insights/suggestions/6519377-collect-iis-logs-from-windows-azure-diagnostics-st enables reading those IIS logs for Azure Cloud Services (i.e. web role instances) but not for Azure Web sites.
This new idea is for the latter scope.169 votesCloud Services / Virtual Machines write with a different container/folder structure in Azure blob than Azure WebSites. Our current ingestion processes the former, not the latter.
Anyhow, also consider the ‘generic’ idea of a platform feature to ingest your own logs http://feedback.azure.com/forums/267889-azure-operational-insights/suggestions/7928931-collect-data-from-custom-containers-in-storage-acc
-
Collect Azure Active Directory Security logs with OMS
You should be able to see reports regarding "Azure Active Directory" Security logs. (sign-in/audit/...)
There already is a Azure possibility to see Azure Active Directory Reports. It would be nice to have this data in OMS.
159 votes -
One Overall OMS Dashboard integraded with SCOM - Cisco Prime -Solarwinds
Lot of Enterprise organizations have Multi monitor environment Like Microsoft SCOM for Servers in the Datacenter, Cisco Prime for network infrastructure like WiFi and SolarWinds for Network components. Monitoring from outside to inside like Microsoft OMS could be the Service in the middle and make One single Dashboard for the Business, but also for IT Pro's.
156 votes5 comments · Agent Management, Data Metering and Usage (Portal) · Flag idea as inappropriate… · Admin →Thanks you for taking the time to provide this feedback. We are looking at developing a centralized alerting view which will support monitoring tools like Nagios, Zabbix, Solarwinds. If you are interested in participating on the private preview of this solution please email me.
-
Expand Data Retention for Security and Audit IP
Provide to ability to expand the data retention to 3-8 years. Some customers do have compliance rules to save their security related data for 8 years. When this could be accomplished we move our ACS implementations on premise to OpInsights.
152 votesWe now support retaining data for up to 2 years:
https://docs.microsoft.com/en-us/azure/log-analytics/log-analytics-manage-access#change-how-long-log-analytics-stores-data—Richard
-
Collect Azure Web Apps IIS Logs and Application Logs
OMS can collect IIS logs for web roles. Extend this capability to Azure Web Apps IIS logs as well as Azure Web Apps application logs
129 votes -
Show Contextual data such as CPU and RAM for servers
When I click over a list that shows servers and select a given server from the list it would be nice to get a quick overview of the system. Such as OS SKU, CPU, RAM, Disk Free and so on.
127 votesWe have not forgotten about this but this is a multi-faceted feedback that expresses a desire (show me/let me pivot to contextual data), but besides the graphical interaction we need to bring the right capabilities and the right data types to the platform first.
A first step in this direction is the common ‘Computer’ field – http://feedback.azure.com/forums/267889-azure-operations-insights/suggestions/6519266-unify-standardize-computer-field-across-intellig
that allows you to pivot from one data type to another, and to join different data types thru sub-searches http://feedback.azure.com/forums/267889-azure-operational-insights/suggestions/6519234-filter-groups-of-computers-thru-subqueries-in-n
(which anyhow are generic and work with other fields too)We are starting to discuss what a UX for ‘context’ could look like, but we are not finished with bringing in new data types to make that really compelling :-)
One example of such ‘context’ is in the form of tracking configuration changes – http://feedback.azure.com/forums/267889-azure-operations-insights/suggestions/6519185-need-configuration-change-tracking-solution-softw so you can move from a troubleshooting scenario (capacity or events) to a ‘context’ of what has changed…
-
Custom Log feature for log rotate
Now, Log Analytics can not collect custom log which file is rotated by log rotation.
But log rotation is necessary for collection log on OS.
So, for mitigation we cannot unable to turn off log rotation.
So, I request to add new request about Custom Log for collecting Log Rotation files.125 votesThis feature is still under review by the team.
-
BizTalk Server Intelligence pack
Create an Intelligence pack for BizTalk Server, something similar to BizTalk Server 2013 Monitoring Management Pack:
- Application Views
- Application Artifacts Views
- Deployment Views
- BAM Component Views
- BAM Alerts
etcAs a MS partner company we have several customers very interested in this feature!!
122 votesThat’s a quote a lot of votes from a bunch of new users in a very short time, although 9 people are from the same two companies and 7 other are anonymous, and a few other ones. Let’s see how generally applicable/widespread the demand is.
Also see the comment from Daniele M. below for general considerations about monitoring scenarios.
Let’s also clarify (this is not clear in the request): is the request to support:
a) ‘traditional’ on-premises BizTalk
or
b) Azure BizTalk services
?
- Don't see your idea?