Azure Monitor-Log Analytics

Welcome to the "Azure Log Analytics ":https://azure.microsoft.com/en-us/services/log-analytics/ Feedback page. We appreciate your feedback and look forward to hearing from you. Use this site for new ideas and bug reports or to request help.
NOTE – Log Analytics is now a part of Operations Management Suite. Learn more at http://microsoft.com/OMS

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. log analytics

    Need log analytics to process alert rules faster. I am seeing 10-12 minutes lag for alert generation.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security and Audit Solution  ·  Flag idea as inappropriate…  ·  Admin →
  2. Support millisecond/microsecond precision for time-generated-field in HTTP Data Collector

    Support millisecond/microsecond precision for time-generated-field in HTTP Data Collector. Use ISO 8601 format YYYY-MM-DDThh:mm:ss.msecZ

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)

    Thanks for the feedback. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  3. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Alert Management Solution  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the feedback. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  4. RBAC - Advanced Settings & Custom Logs without RG-level Contributor Access

    Currently, in order to create custom logs or access Advanced Settings in Log Analytics, users require at least Contributor access at the Resource Group level. This is a significant set of permissions and we'd like to be able to define custom RBAC definitions in accordance with principles of least privilege and still allow teams to be able to create custom logs/access advanced settings within their Log Analytics asset.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Azure Resource Management  ·  Flag idea as inappropriate…  ·  Admin →
  5. sql block information

    For the solution "Monitor Azure SQL Database using Azure SQL Analytics". It will be good that the blocking information will be available for SQL managed instances.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the feedback. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  6. Activity log only can be saved 90 days

    Customer wants to know who deleted or created resources around years ago.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  7. pipeline logs notoriously difficult to navigate

    logs on pipeline build progress/failures are available in separate overlay windows (white on black). typically the are rather long and the action is usually on the bottom.

    impossible to navigate on an ipad, very hard in a regular browser. a button to go to the bottom would be helpful.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the feedback. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  8. Include "Valued caching policies" on the analytics result

    It would be very helpful if you have a built-in mechanism for counting value cache misses/success.

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)

    Thanks for your feedback. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  9. Azure audit log event when running out of licenses

    Unfortunately, there is no configuration setting in Azure AD to get a warning when running out of licenses. Warning is displayed only in Office 365 admin portal.
    It's quite painful with Commerce licensing model when the license is not being assigned to newly provisioned user until additional licenses are bought. Someone has to manually check number available licenses via Office 365 portal instead of getting an alert and order more licenses immediately,

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  10. Be able to query / log Operating System version in portal for Azure IaaS VMs.

    Customer has a situation where they are unable to programmatically query IaaS VMs for Operating System version. This value is exposed in the portal but is not anywhere in log analytics and cannot be queried by CLI. The feature request here is to have "Operating System" sent to Log Analytics as a value that they can query. This value appears to populate dynamically once the virtual machine is started and it takes a minute or two for it to appear. Someone on the Azure DL said it is queried through "Regular OS Leval APIs." It would be nice if the…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  11. Support systemd template unit file

    So it would be great to enable Log Analytics to track change/enable inventory gathering on systemd services that are using systemd template.

    I had a ticket with support that confirmed to me it wasn't supported and sent me here to request a feature... So here I am, I feel it's more of a bug than a feature. If you say the agent support services/daemon inventory and it can do it with "normal" sytemd unit file, I think it should simply work with template too.

    What is a systemd unit file template ? https://fedoramagazine.org/systemd-template-unit-files/

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Change Tracking Solution  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  12. Add Tenant root management group into Activity log's drop down list

    We can't select Tenant root management group in Activity log's "Management group" drop down list.

    Customer can apply policy on Tenant root management group. And the activity log should record the policy change on Tenant root management group.

    Please add Tenant root management group into Activity log's drop down list. So that we can check the activity log of Tenant root management group

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  13. Pin a saved query in the Dashboard keeping it linked

    We would like to pin saved queries in the dashboard to avoid problems if a query changes. Today, when we pin a saved Log Analytics query chart to a dashboard, only the query text is copied, not creating a link between the query and the dashboard chart.

    Could you kindly implement this feature or make some advices to us about it?

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  14. No AzureActiveDirectory audit data in workspace after recreating ws with same name

    AAD diagnostic Settings do not update the id of the Workspace if this newly created one gets the same name again.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)

    Thanks for the feedback. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  15. Chart settings in Log Analytics data graph in Dashboards

    It would be great if we could select Y axis range in chart settings for Log Analytics data chart.

    I followed all the steps from this tutorial: https://docs.microsoft.com/en-us/azure/azure-monitor/learn/tutorial-logs-dashboards

    But it's not possible to select the min and max values for Y axis in the chart.

    In the example shown by Microsoft, there's a host always with 100% CPU just to keep the graph pretty.

    Could you kindly take a look at this?

    Best Regards.

    Renan Araújo

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the feedback. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  16. Incorrect language in Activity log entries in Azure Portal

    When viewing Activity log of my Azure SQL Database, some of the entry details are in Czech language although my locales and my Portal settings are all set to English.. (Maybe my live id is set to Czech... ) See attached screenshot.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  17. The oms custom logs should support the custom timestamp rather than the static format

    Hi,
    We are working with the Radius NPS (Network Policy Server) and would like to push this custom log logs to oms. However we got the failure.

    "CLIENTCOMP","IAS",03/07/2008,13:04:33,1,"client",,,,,,,,,9,"10.10.10.10","npsclient",,,,,,,1,,0,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

    I referred to this guideline: https://docs.microsoft.com/en-us/azure/azure-monitor/platform/powershell-workspace-configuration#configuring-log-analytics-to-send-azure-diagnostics

    and

    https://docs.microsoft.com/en-us/azure/azure-monitor/platform/data-sources-custom-logs?toc=%2Fazure%2Fazure-monitor%2Ftoc.json#custom-log-record-properties

    Looks like the oms custom log just only supported:
    YYYY-MM-DD HH:MM:SS
    M/D/YYYY HH:MM:SS AM/PM
    Mon DD, YYYY HH:MM:SS
    yyMMdd HH:mm:ss
    ddMMyy HH:mm:ss
    MMM d hh:mm:ss
    dd/MMM/yyyy:HH:mm:ss zzz
    yyyy-MM-ddTHH:mm:ssK

    I believe that the OMS would be used in many systems and customers, so the oms custom logs should be supported the custom timestamp as needed.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  OMS Gateway  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  18. Bug with syntax parsing in log analytics alerting that works fine in application insights analytics

    There appears to be some sort of bug with using toscalar() on an application insights log in log analytics when making an alert.

    This query works fine in the application insights query interface:
    let endInstant = now() -15m;
    let beginInterval = 4h;
    let beginInstantTable = requests
    | where timestamp >= endInstant - beginInterval and timestamp < endInstant
    | summarize min(timestamp);
    let beginInstant = toscalar(beginInstantTable);
    let beginHoursAgo = datetime_diff("Hour", beginInstant, endInstant) + 1;
    requests
    | take 100
    | extend hoursAgo = datetime_diff("Hour", timestamp, endInstant)
    | make-series count() on hoursAgo from beginHoursAgo to 0 step 1 by operation_Name

    By contrast, it fails…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  19. Make Azure Log Analytics Dependency Agent available in Azure Portal GUI

    You currently can install the Dependency Agent through Azure Portal GUI, must use either PowerShell, ARM templates or possibly (haven't tested) Azure Policies. How?! Why?!

    Please make it possible to manage the Dependency Agent extension through the Azure Portal web GUI.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Service Map  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  20. add a record to the activity log when the value of a tag has changed

    When the value of a tag has changed and this is recorded as an event in activity log, an alert can be triggered and an automated action can be started.

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Alert Management Solution  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote which allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  • Don't see your idea?

Feedback and Knowledge Base