Azure Monitor-Log Analytics

Welcome to the "Azure Log Analytics ":https://azure.microsoft.com/en-us/services/log-analytics/ Feedback page. We appreciate your feedback and look forward to hearing from you. Use this site for new ideas and bug reports or to request help.
NOTE – Log Analytics is now a part of Operations Management Suite. Learn more at http://microsoft.com/OMS

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Respect the indentation/tabs in the logs

    Our apps are currently logging request and response using indented JSON however Log Analytics removes all the indentation and pulls the text to the left which makes it difficult to understand.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Search UI and Language  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  2. ANSI colour coding in log messages

    Many logging frameworks we are using use ANSI colour escape sequences to provide colour. These look fine in a console but when they get to log analytics, they show as the raw escape sequence like [96m.

    We can turn off the colour to workaround this but it would be good to see support for it in Log Analytics.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Search UI and Language  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  3. Required to download log analytics report in suitable format

    In log analytics feature we cant save the chart and graph in file need to take screen shot and save it ,it's big task to do every time so this feature must be there .as my opinion .

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  4. add EventDataId to Activity Log Schema for Event Hub and Storage

    When querying Activity Logs using the REST API the json output has an EventDataID that uniquely identifies each log. When activity logs are streamed to EventHub or storage the schema is slightly different and the EventDataID is missing so there is no way to uniquely identify an event id. Given this information is already available can it added to Event Hub as well.

    The event hub schema is here - https://docs.microsoft.com/en-us/azure/azure-monitor/platform/activity-log-export

    The activity log schema for REST API is here:

    https://docs.microsoft.com/en-us/azure/azure-monitor/platform/activity-log-schema

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  5. multiple OMS subscriptions to ability to pipe all Log Analytics data to one main OMS subscription

    We have multiple subscriptions under one tenant and one subscription will have 160 plus OMS subscriptions, all of which function as separate entities with their own resources. we would like to have the ability to pipe all Log Analytics data from these secondary subscriptions into your main subscription main OMS subscription, mostly for Threat Intelligence and Security Analytics so that you can correlate the data together. And to work with azure sentinel. Currently we have call AAD and office 365 data and AIP data go to the main OMS subscription. We need a central way to correlate data.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    8 comments  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks a lot Aaron Shvarts for sharing your requirement. Currently there is a support to query cross resources with in Azure Monitor. However the limit is for 100 workspaces or application insights instance with in a query. https://docs.microsoft.com/en-us/azure/azure-monitor/log-query/cross-workspace-query . Please have a look and see if that could cater your requirement. We understand that the limit is 100 and your requirement is 160+ resources. Please let us know if the cross resource query is something you can use and if there is a feature requirement to increase the current limit of 100, that can be done by a new feedback thread. Thanks

  6. To increase the number of column bars shown in a azure dashboard from current limit 25 to maximum so as all the resource in a subscription.

    To increase the number of column bars shown in a azure dashboard from current limit 25 to maximum so as all the resource in a subscription.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Browser Support  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  7. extention log

    please record the update activity for Azure VM Extensions in Azure Activity Logs.
    Some Extensions outputs error logs on system evt or syslog when these are updating, But it is not easy to confirm the update was done successfully via Azure Portal.
    If Azure Portal shows the update status and update activity, it is very good function.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  My Dashboard  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  8. Send logs for all Office 365 audit log entries/schemas

    Currently O365 logs are only collected for AzureActiveDirectory, Exchange, SharePoint and OneDrive workloads. Please add support for other audit log schemas as well, eg. the ones that are exposed via Office 365 Management Activity API: Teams, PowerBI, Sway, Yammer, ...

    40 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)

    Thanks for the valuable feedback. Your feedback is open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  9. Color customization in log analytics chart

    A feature to customize the color of the charts should be available, as the default colors don't make any sense in many scenarios (green, blue, etc). Furthermore, when publishing the charts into a dashboard, the colors and chart shape are changed again (from pie to donut and from green and blue to dark blue and light blue).
    The ability to choose the colors should be added to the "render" method and consistency between the actual chart in log analytics and the published chart in the dashboard are very important features that should be available.

    19 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  10. Please make the deployment of datasource in the LogAnalytics workspace reliable

    Hi,
    I've been trying to deploy Microsoft.OperationalInsights/workspaces/dataSources resources as part of an ARM template.
    Oddly enough they do not always deploy fully... and what is more troublesome - no errors are thrown. Took a week to realize why some alerts do no trigger.

    Everything will "successfully" deploy and when you query them - half of the WindowsEvents and several of the Linux\Windows datasources will just not be there.

    I thought I was mistyping something, and tried configuring them by hand and export them (since possible values for the WindowsEvents are not documented anywhere) .. but that threw and error

    {"code":"ExportTemplateCompletedWithErrors","message":"Export…

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote which allows us to effectively prioritize your request against our existing feature list and also gives us insight into the potential impact of implementing the suggested feature

  11. Need average duration trend for Azure Data factory pipelines in Log analytics

    Azure Data Factory analytics(Preview) shows ADF statistics but it good to show the average duration of activities and pipelines for a week trend

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  12. Log Analytics - Alert rule does not work if the table is not yet created

    We want to create an alert rule on the non-existent table(yet), this is because we are sending the PSCustomObject to the custom table from the automation job, once the problem occurs, the initial table will be created with the results. We want to pre-recreate this rule, workaround, for now, is to generate the table with some custom data. Can this be fixed please?

    17 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  13. Microsoft Dependency Agent does not support SUSE kernel 4.12.14-95.13-default

    Microsoft Dependency Agent does not support SUSE kernel 4.12.14-95.13-default

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  14. add configurable Hyperlink property/link to OMS tiles to allow click through.

    I want to be able to click an icon which take me to another resource

    e.g. I use OMS tiles extensively and I would like to provide a clickable link to another dashboards containing more detailed versions of the parent dashboard information.

    Currently the top level tiles in Views are not flexible enough.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  My Dashboard  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  15. Export Query Results to JSON

    Please support exporting the results of Log Analytics queries to JSON format. Exporting to CSV and Power BI are currently supported but I would also like to see export to JSON.

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Search UI and Language  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  16. Add UDP traffic discovery to Service Map

    Service Map is great at showing TCP communications, but it doesn't surface anything on the UDP side, which is a big gap when using the tool to determine what is currently talking to what, or to flag anything that is unexpected.

    Is that something that's likely to be added at some point?

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Service Map  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  17. Flexible Custom Logs Record Delimiter

    The current functionality of setting a record delimiter of either
    a) end of line
    b) only one of 6 pre-chosen timestamps
    Is actually very limiting, even if there was a custom timestamp format option.

    When dealing with vendor applications or teams with different logging format standards this will still mean having to revert to option a. Logging every line after a return character, which if you have stack traces is going to get painful.

    If Log Analytics is serious about competing in this space it would be great to have some functionality where a log format is an option. Something…

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  18. Inventory solution too pricey

    $6 per non-Azure node on top of Log analytics log storage seems overpriced.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Change Tracking Solution  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  19. Retrieve the portal time span and use it inside the kusto query

    I am trying to access the time range selected from portal and use it inside the kusto query to show some metric (% uptime of a specific api using our custom logic).

    Documents does not mention any variable or function that we will help to access the time range selected from portal.

    It would be helpful to have a magic variable to see the time range selected from portal.

    28 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  My Dashboard  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  20. Add wildcard character feature for folder in Custom log path

    introduce this wildcard character feature in log path future.
    For example
    C://test/*/log/*.log

    20 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  • Don't see your idea?

Feedback and Knowledge Base