Log Analytics

Welcome to the "Azure Log Analytics ":https://azure.microsoft.com/en-us/services/log-analytics/ Feedback page. We appreciate your feedback and look forward to hearing from you. Use this site for new ideas and bug reports or to request help.
NOTE – Log Analytics is now a part of Operations Management Suite. Learn more at http://microsoft.com/OMS

How can we improve Azure Log Analytics ?

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Bring back the capacity and performance Solution Pack

    Please bring back the Capacity and Performance Solution Pack

    3 votes
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  Capacity Management Solution  ·  Flag idea as inappropriate…  ·  Admin →
    • Create the cmdlet to fetch our OMS alert or alert rule to easly maintenance, due Get-AzureRmAlertRule do not support this feature today.

      Add support to get-azurermalertrule to handle the OMS Alert and alert rule to maintenance, clone, delete, etc. Due actually is not supported, if you need it required to work on Alert API.

      23 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        0 comments  ·  Alert Management Solution  ·  Flag idea as inappropriate…  ·  Admin →
      • ServiceNow User App for Microsoft OMS integration support for ServiceNow London release

        We want to integrate our ServiceNow London release instance with the OMS ITSM solution.

        Currently the ServiceNow User App for Microsoft OMS integration is only supported till ServiceNow Kingston release. We also want to have some clarification how often the app will be updated oin the future to follow the ServiceNow release schedule.

        6 votes
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          Signed in as (Sign out)
          You have left! (?) (thinking…)
        • Network Performance Monitor-Express Route

          Hi,

          I've been looking for an option where we can get total upload/download (data in-out) utilization reports either with NPM dashboard or with Log Analytics query by date range. Unfortunately I did not find any.

          It would be great if you can provide Log analytic query on NPM dashboard. Currently there is no option available to view total utilization reports for Azure ER.

          4 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            0 comments  ·  Network Monitoring  ·  Flag idea as inappropriate…  ·  Admin →
          • Upgrade Readiness cannot select multiple versions?

            Customer has a many Windows 10 Verstions (e.g. 1607 and 1803).
            But Upgrade Readiness configuration can select only one version in coufiguration.
            Customer thinks creating more workspace for using another Windows 10 version, but it is very cost for customer.
            And in the future, target Windows 10 clients are increasing.
            At every time Windows 10 client increasing, customer has more cost to create another workspace.

            1 vote
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              0 comments  ·  Flag idea as inappropriate…  ·  Admin →
            • More Useful tiles in View Designer

              Please, add more view dashboards to be used inside View Designer or allow us to use create/customize them in a HTML-ish way. Displaying data with multiple columns as a table is a nightmare, espacially if you don't have a number/timestamp column, but that's the most required data; content is unreadable.

              1 vote
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                0 comments  ·  Search UI and Language  ·  Flag idea as inappropriate…  ·  Admin →
              • Ability to ingest CSV and TSV files

                Multiple internal and external tools export their output to csv files. It could be great to have the ability to ingest them to Log Analytics without building some new infrastructure for it

                3 votes
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  0 comments  ·  Extensibility  ·  Flag idea as inappropriate…  ·  Admin →
                • resolved

                  Ability to have an emailed alert when original issue has been resolved.

                  Example, I have Log Analytics configured to send an emailed alert when a specific Windows Server service enters the stopped state. This sends an alert. I'd like to be able to configure Log Analytics to automatically send a second email when that service enters the started state.

                  8 votes
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    0 comments  ·  Alert Management Solution  ·  Flag idea as inappropriate…  ·  Admin →
                  • Network Performance Monitoring added to Network Watcher which cause billing

                    Under NPM solution there is no documentation which says. NPM is added to Network Watcher and that start your billing. Please aware whoever turning on NPM solution in OMS workspace.

                    3 votes
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                    • OMS

                      Allow administrators to remove systems from OMS. Removing the OMS workspace from the VM is not enough if OMS agent is auto-provisioned as an Extension. This means that even though the workspace is removed on the VM OS level then VM deleted, it will still show up in OMS because there is a zombie VM extension. Waiting 30 days is simply not acceptable as we have no authoritative list of machines to monitor and we are PREVENTED from cleaning these up.

                      3 votes
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                      • Support for more than one hostname in Update Management

                        Update Management currently is unable to push updates to multiple instances if they have the same hostnames. It will only push updates to the first one in the list and skip the rest.

                        If would be nice if this limitation did not apply.

                        1 vote
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                        • timezone conversion

                          There should be the option to specify the source timezone when converting a string to datetime. Some of our solutions log data in local time in their JSON-based logs.

                          3 votes
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                          • Antimalware assessment - Sophos is not recognised

                            The Antimalware Assessment currently does not cover systems which are protected by Sophos AV. Can we get this addressed ?

                            4 votes
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                              0 comments  ·  Security and Audit Solution  ·  Flag idea as inappropriate…  ·  Admin →
                            • Right Click Paste

                              The right click menu is missing paste in the new Log Analytics blade and the Log Analytics advanced portal. Copy and Cut are there, no paste.

                              3 votes
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                                0 comments  ·  Search UI and Language  ·  Flag idea as inappropriate…  ·  Admin →
                              • 1 vote
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)
                                  0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                • does a list of device health metrics exist that Operations Managements Suite (OMS) or Log Analytics monitors?

                                  I'm looking for a list of metrics that OMS monitors, specifically relating to device health. I'm looking to reference these metrics in order to proactively address potential issues.

                                  1 vote
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Log Analytics -> Logs (Preview) blade needs Saved Searches-like feature

                                    The current "Logs" blade is pre-populated with "A few more queries to try" and heavily pre-populated "Saved Searches" for common queries. This UI feature was critical to my understanding of log queries. If the new "Logs (Preview)" blade is to supersede the current "Logs" blade: please bring over a similar each to find and use feature.

                                    3 votes
                                    Vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)
                                      You have left! (?) (thinking…)
                                      0 comments  ·  Search UI and Language  ·  Flag idea as inappropriate…  ·  Admin →
                                    • API to enable/disable log analytics alerts

                                      Is there any API to enable/disable log analytics alerts. I am not able to find any references with in the documentation.

                                      2 votes
                                      Vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)
                                        You have left! (?) (thinking…)
                                        0 comments  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Allow a push stream to be sent to the HTTP Data Collector

                                        It should be possible to dynamically parse data and stream it to the HTTP Data Collector API using a push stream approach.

                                        This is not currently possible since the Content-Length is a required component of the Signature in the Authorization header and the size of the payload is not known ahead of time when generating a push stream.

                                        3 votes
                                        Vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)
                                          You have left! (?) (thinking…)
                                        • Office Add-in Architecture visible via Upgrade Readiness Solution

                                          The Upgrade Readiness Solution shows detail on the Office Addins in your environment. Having the ability to determine which Plugins required attention when moving from 32bit Office to 64bit would be useful and therfore knowing if a plugin is 32bit or 64bit would assist this process.

                                          4 votes
                                          Vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)
                                            You have left! (?) (thinking…)
                                          • Don't see your idea?

                                          Feedback and Knowledge Base