Azure Monitor-Log Analytics

Welcome to the "Azure Log Analytics ":https://azure.microsoft.com/en-us/services/log-analytics/ Feedback page. We appreciate your feedback and look forward to hearing from you. Use this site for new ideas and bug reports or to request help.
NOTE – Log Analytics is now a part of Operations Management Suite. Learn more at http://microsoft.com/OMS

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Add Office365 as monitoring object

    I would like to have an Office365 IP. For example, I would like to monitor the mailflow. If no mail is comming in for a few hours, I need a warning that there might be something wrong.

    56 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  2. sharepoint related alerts and issues

    Is there any way to streamline the alerts, errors, issues, space issue, content databases related issues etc to the Operation Management suite?

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)

    It depends what you mean.
    If you have Operations Manager, the Alert Management intelligence pack/ solution is what will sync those alerts (hence also those from SharePoint Management pack) to OMS – see here http://blogs.msdn.com/b/dmuscett/archive/2014/11/05/iis-mp-event-alerting-rules-s-opinsights-searches-equivalents.aspx

    If without OM, OMS today isn’t really (yet) a reactive/monitoring tool – by knowing the instrumentation/logs you can build search queries that are rough equivalents to monitoring ‘rules’ – i.e. see the exercise here for IIS http://blogs.msdn.com/b/dmuscett/archive/2014/11/05/iis-mp-event-alerting-rules-s-opinsights-searches-equivalents.aspx

    As for actual real time monitoring (i.e. producing alerts) – this idea can be tracked here http://feedback.azure.com/forums/267889-azure-operational-insights/suggestions/6519198-long-running-saved-searches-or-scheduled-that-ca

  3. Intelligence Pack to monitor LogicApps/Api apps events

    Requirement
    Need to monitor Logic App, out-of box api app and custom api apps.

    Thanks
    Tushar J

    14 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  4. Collect data from custom containers in storage account

    We are trying to use appinsights and trying to export that data to the storage container. In the current version of OMS we want to configure custom storage container from where the logs/application data must be read for doing Alert Management.

    Thanks
    TJ

    74 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Alert Management Solution  ·  Flag idea as inappropriate…  ·  Admin →

    Yes in the future we would like to enable this, but it needs work to define your own schema and fields first – not just their location.

    This general work is also needed for ‘generic’ log collection i.e. http://feedback.azure.com/forums/267889-azure-operational-insights/suggestions/7113030-collect-text-log-files

    Also, for doing ‘alerts’ you need to be able to create those alerts – check this idea http://feedback.azure.com/forums/267889-azure-operational-insights/suggestions/6519198-long-running-saved-searches-or-scheduled-that-ca

  5. inefficient sql queries

    Give a report/recommendation in the SQL assessment IP for inefficient queries.

    21 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  SQL Assessment Solution  ·  Flag idea as inappropriate…  ·  Admin →
  6. 14 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Workspace Settings / Administration  ·  Flag idea as inappropriate…  ·  Admin →
  7. 39 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  8. Manage Azure VM's from a Solution

    I am a Service Provider who offers managed ASR and Backup so two new solutions are great, but I also offer Managed VM's (IAAS) and managed App's (PAAS), I would like to be able to view and manage scoped views of VM's from the Azure VM's. This could be a list view of the VM's like how they are viewed in the Azure Portal, and basic abilities such as stop/start/pause/checkpoint VM's would be awesome (like you can do in the SCOM VMM MP). You could then have a create VM link and jump to Azure portal to create new VM…

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  9. Ability to define a "friendly"name for machines reporting into Azure Opperational Insights

    In our scenario as a ISV we have many machines at different customer sites that have the same machine name. It would be extremely helpful if we were able to provide a friendly name or a description for machines reporting into the Azure Operational Insights Console.

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  10. Add support for SQL Databases

    To complete the monitoring scenario with PaaS services in Azure we will value the possibility of adding Operational Insights for Azure SQL Database to help to detect complex escenarios and points for improvement (most heavey queries, concurrency, use of the performance tiers, DTUs, in my apps, detect cpu consuming queries, RAM consuming queries, etc.).

    49 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  11. workspace

    I would like be able to have a consolidated view over one o more workspaces. Consider a multinational organization with local IT running different parts of the infrastructure and a consolidated view for central analysis.

    16 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    planned  ·  2 comments  ·  Workspace Settings / Administration  ·  Flag idea as inappropriate…  ·  Admin →
  12. RBAC - DA - SLA

    I was thinking about synchronizing OnPrem SCOM Distributed Applications to Insight, toghether with SLA/SLO,
    or an option to create DA in Insight (group objects) + the option to add RBAC to the group, this would eliminate the need to publish dashboards in SharePoint (or give access to SCOM) for tenants to see the general health of their scope of servers/applications

    30 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Workspace Settings / Administration  ·  Flag idea as inappropriate…  ·  Admin →
  13. Summary email for organisational accounts

    Organisational accounts do not get a summary email, but accounts outside the organisation do. The option is not there in Settings. Could this feature be added please?
    I also posted here

    https://social.msdn.microsoft.com/Forums/azure/en-US/77786b07-8761-4edb-b093-6049a871283a/not-getting-summary-email?forum=opinsights

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Workspace Settings / Administration  ·  Flag idea as inappropriate…  ·  Admin →
  14. Expand Data Retention for Security and Audit IP

    Provide to ability to expand the data retention to 3-8 years. Some customers do have compliance rules to save their security related data for 8 years. When this could be accomplished we move our ACS implementations on premise to OpInsights.

    162 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    7 comments  ·  Security and Audit Solution  ·  Flag idea as inappropriate…  ·  Admin →
  15. Ability for Searchs to Have Titles

    When I click on the "Locked-out Accounts" view from the Security IP, I am brought to the search section. There is no way on this page to tell what I am looking at without analysing the search. In the search bar it shows "EventID=4740" but who in their right mind has every event id memorized. There should be a title that shows I clicked on "Locked-out Accounts".

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Search UI and Language  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the feedback.

    This is similar to the behavior the mobile app has for ‘saved searches’ – they do show the title there.

    Coded drill-downs today don’t carry a title across pages, and changing this has an overall impact on the breadcrumb code, most likely – see this other idea http://feedback.azure.com/forums/267889-azure-operational-insights/suggestions/6519263-moving-across-pages-needs-to-be-seamless-clickable

    Keep in mind that the default drill down pages are meant as a convenience: once you identified a search you care about, you can SAVE it to your Saved Searches, and pin it on your own dashboard – those tiles in dashboards have a title (=the name of the saved search).

  16. SSD Tier optimization

    Collect and graph information from the "Storage Tier Optimization report" such as (SSD Tier Size Required/Size of SSD tier) and % of I/Os serviced from SSD tier

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Capacity Management Solution  ·  Flag idea as inappropriate…  ·  Admin →
  17. Control when Advisor MPs are downloaded

    We need to control when Advisor MPs are introduced to our environment to prevent possible outages during production business hours. It would be nice to set a maintenance windows to control when changes are introduces. It would also be beneficial to be able to introduce the MPs to pre-Prod prior to Prod environments.

    10 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)

    Hi, we are discussing this internally.

    Today you have a way to do this, by overriding the rules that perform MP/IP download and import – there is an override MP here http://blogs.technet.com/b/momteam/archive/2015/02/06/notice-upcoming-url-change-for-opsmgr-reporting-to-opinsights.aspx
    - you could keep them turned off in PROD and leave them enabled in QA/TEST – once you see a new MP has been updated in the test environment, you can remove the override in prod/let the update run/then block it again.

    We are determining how to make this more polished.
    Also see the similar idea http://feedback.azure.com/forums/267889-azure-operational-insights/suggestions/7161777-intelligence-pack-updates

  18. Possible bug - Intelligence pack "drilldown links" does not work in Firefox

    With the latest Firefox (36.0.4) it seems "drilldown links" in Intelligence Packs don't work. I open for example the Log Management one, click on the Event facet (to see all the event highlighted by the IP) and it jumps me to the Search Data Explorer start page, without showing the actual results. In IE it works properly, it shows the query results. It is true for other IPs as well.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Browser Support  ·  Flag idea as inappropriate…  ·  Admin →
  19. Change the link on the top left corner to take you to the "Home" location of Azure Op Insights rather than to the sales page on azure.com

    Change the link on "Microsoft Azure Operational Insights" to jump to the home for Op Insights rather than to the azure.com sales web page. This is not what users expect when clicking on "Bread Crumbs"

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Browser Support  ·  Flag idea as inappropriate…  ·  Admin →

    The little square icon left of what looks like breadcrumbs does take you to ‘home’ today. We understand this is not intuitive – unfortunately there are some technical intricacies with the underlying Azure portal framework code that don’t make this straightforward to change – see also this related idea http://feedback.azure.com/forums/267889-azure-operational-insights/suggestions/6519263-moving-across-pages-needs-to-be-seamless-clickable

  20. active directory group last accessed

    Seeing when a group in Active Directory was last queried, so I can see which groups are no longer used.

    14 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Active Directory Assessment Solution  ·  Flag idea as inappropriate…  ·  Admin →

    This seems a very specific requirement, let’s see how many need this…

    Maybe this type of scenario is more appropriate for the ‘Security and Audit’ intelligence pack http://feedback.azure.com/forums/267889-azure-operational-insights/suggestions/6519064-security-event-logs-should-be-collected which allows more ad-hoc exploration on the data that Windows already logs (if you enable certain audit policies).

    AD Assessment performs specific configuration checks that can ‘pass’ or ‘fail’ – a list of groups is not a possible output for that model.

  • Don't see your idea?

Feedback and Knowledge Base