Azure Monitor-Log Analytics

Welcome to the "Azure Log Analytics ":https://azure.microsoft.com/en-us/services/log-analytics/ Feedback page. We appreciate your feedback and look forward to hearing from you. Use this site for new ideas and bug reports or to request help.
NOTE – Log Analytics is now a part of Operations Management Suite. Learn more at http://microsoft.com/OMS

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. To collect critical event log of Windows computer

    There are only 'Error', 'Waring', 'Information' type of Windows logs can be collect, but no 'Critical' events. My customer wish to collect and monitor critical event logs.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Log Management and Log Collection Policy  ·  Flag idea as inappropriate…  ·  Admin →
  2. Webhooks for Azure activity Metric Json

    Hello,
    We need to be able to send JSON Payload from the Metric Alerts also.
    Currently is possible only for the Logs Alerts.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Alert Management Solution  ·  Flag idea as inappropriate…  ·  Admin →
  3. Need bandwidth utilization consumed per subscription level from the NPM Dashboard or using Log Search

    I would really encourage if we can get the bandwidth utilization per azure subscription level so that we can check and alert our users on the utilization.

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Network Monitoring  ·  Flag idea as inappropriate…  ·  Admin →
  4. 4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  5. Alert email query character limit

    There is a link in the alert emails from Log Analytics that pulls up the query results in a browser. There seems to be a character limit on the query that is returned by the link. One of our queries is 800+ characters and is only partially displayed, resulting in a syntax error when following the link. Please increase the character limit of the linked query.

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Alert Management Solution  ·  Flag idea as inappropriate…  ·  Admin →
  6. dnat or network rule alert and/or search query

    It would be nice to be able to search if anyone create specifically a dnat rule using azure firewall . At the momemt it is only possible to create a Activity Log Alert for "Creates or updates an Azure Firewall" event , however it’s not limited to NAT Rule Collection only but creates activity logs if it falls under below criteria and you can create an alert on top of it. it’s a broader alert for any activity within the Firewall resource

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security and Audit Solution  ·  Flag idea as inappropriate…  ·  Admin →
  7. Ruby Rails

    Ruby version in Azure. The current version of Ruby Rails supported by Azure will no longer be supported in 2019. What is the upgrade path?

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  8. Recursive Log Collection paths

    Recursive Log collection paths for Custom Logs

    This will help users like me with folders that have logs + subfolders with logs.

    39 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  9. Ability to set Daily volume cap using Azure Powershell or AzureRM template

    Currently there is no other way to set "Data volume cap" for Log Analytics workspace except Azure Portal. When mass deploying workspaces for our customers it is very inconvenient.
    Powershell cmdlet similar to Set-AzureRmApplicationInsightsDailyCap would work.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Workspace Settings / Administration  ·  Flag idea as inappropriate…  ·  Admin →
  10. Provide Proxy Details to be passed in Portal, rather than logging into the servers and rerun the OMS agent with proxy paramaters

    Provide Proxy Details to be passed in Portal, rather than logging into the servers and rerun the OMS agent with proxy paramaters.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  11. event log filtering

    provide ability to define custom event log filtering to include / exclude events from specific hosts or groups.
    All, Common, Minimal are not effective and are causing cost overruns.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  12. Add the ability to regenerate individual keys (primary or secondary) via REST APIs

    The API claims to have a way of regenerating keys but it only seems to allow regenerating both keys at the same time. This defeats the purpose of having two keys since that is supposed to enable you to use one key while regenerating the other. This is also at odds with what is exposed in the Azure portal - where the primary and secondary keys each have a hyperlink to regenerate and seem to be able to regenerate independently.

    Link to API - https://docs.microsoft.com/en-us/rest/api/loganalytics/workspaces%202015-03-20/regeneratesharedkeys

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Workspace Settings / Administration  ·  Flag idea as inappropriate…  ·  Admin →
  13. Custom Logs to support Unicode files

    SQL Server supports unicode files only and this is not a supported format to import into custom logs. https://blog.sqlauthority.com/2018/05/14/sql-server-fix-msg-22004-the-log-file-is-not-using-unicode-format/

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
  14. Provide ability to query resource Graph data from Log Analytics

    Please provide option to query resource graph data from Log Analytics. That will allow to correlate data between those and some interesting scenarios will be possible. Also you should be able to use Log Analytics query that reaches resource graph and you can create Log Search alert.

    48 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Extensibility  ·  Flag idea as inappropriate…  ·  Admin →
  15. We should be able to customize the email body of the email notification generated by Alerts.

    So, Alerts will be sending default emails.. we should be able to generate the customized email with the search results.

    25 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Alert Management Solution  ·  Flag idea as inappropriate…  ·  Admin →
  16. MAG NPM - Service Connectivty Monitor - List O365 GCC High / DoD Endpoints

    Within Azure Government - the NPM Service Connectivity Monitor's pre-canned rules for Office 365 point to the Commercial instance. Idea is for the following:
    1. Add additional pre-canned rules for O365 GCC High and DoD endpoints
    2. Create an Azure Doc that lists the endpoint URLs and ports that way proper monitoring could be configured within NPM SCM (or 3rd party tooling)

    The O365 URL / IP list is not a viable list as it lists wildcard hostnames (which is appropriate for firewall configurations, not for monitoring)
    https://docs.microsoft.com/en-us/office365/enterprise/office-365-u-s-government-gcc-high-endpoints

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Network Monitoring  ·  Flag idea as inappropriate…  ·  Admin →
  17. Microsoft Teams integration with Azure Log Analytics

    How to integrate, connect Microsoft Teams to Azure Log Analytics? and send Microsoft Teams logs to Azure Log Analytics

    21 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  18. Bola carfasom

    Agent shop

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Workspace Settings / Administration  ·  Flag idea as inappropriate…  ·  Admin →
  19. Ability to turn off Filter (preview)

    When using the Log Analytics query portal, every time we execute a query, the portal automatically switches to the Filter (preview) pane. When working with complex data (such as AzureDiagnostics or Syslog), this hangs the browser--sometimes for several minutes.

    Can we please have the option to turn this feature OFF? I personally find it useless for my day-to-day work anyway (and I live in Log Analytics).

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Search UI and Language  ·  Flag idea as inappropriate…  ·  Admin →
  20. Enable Microsoft Teams connect, integration with Azure Log Analytics

    How to integrate, connect Microsoft Teams to Azure Log Analytics? and send Microsoft Teams logs to Azure Log Analytics

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base