Alerts Based on Rolling Averages in Log Analytics

This post will go over how to create an alert for Log Analytics that evaluates two recent time periods for comparison. It’s a little, let’s say, “in depth” as far as Log Analytics queries go. The alert is intended to trigger when a variable threshold is met based on the recent baseline as opposed to a static metric. Used with my PingTimeLog tool found here, alerts can be triggered if recent response time goes over a rolling average value. I also include a disk free space alert to identify when a large amount of data is added to a disk.

Continue reading “Alerts Based on Rolling Averages in Log Analytics”

Azure Automation Setup and Linking to Log Analytics

AzureAutomationIn this video I give a step-by-step demonstration on setting up and Azure Automation account and linking that account to an existing Log Analytics Workspace.  The Azure Automation account allows for the creation and scheduling of Runbooks written in PowerShell, PowerShell Workflow or Python.  Linking the Azure Automation account allows you to review and alert on the logs generated by Azure Automation. Continue reading “Azure Automation Setup and Linking to Log Analytics”

Azure Machine Learning in Log Analytics

Machine Learning with Log Analytics

Machine Learning and Artificial Intelligence are all the rage and for good reason.  While static grouping and sorting in Azure Log Analytics can help you break down data and find the source of issues, Machine Learning can point out issues or unusual relationships you may not even be aware of.   It does this by identifying patterns that are not obvious or by detecting differences in data sets.  In this post I go over the basics of the Basket, Autocluster and Diffpatterns Machine Learning queries that can be use in Azure Log Analytics, Azure Application Insight or Azure Security Center. Continue reading “Azure Machine Learning in Log Analytics”

Azure OMS Log Analytics Step by Step – Data Collector API

I see a lot of potential in Azure Log Analytics. That should go without saying considering the amount of time I have spent learning and documenting it over the past few weeks. One of the most exciting features that adds tremendous flexibility is the ability to log directly to Log Analytics with the Web API. Logging to the Web API enables anything to be written to Log Analytics without the use of the Microsoft Monitoring agent. Continue reading “Azure OMS Log Analytics Step by Step – Data Collector API”

Azure OMS Log Analytics Step by Step – Adding Custom Logs

In previous videos I demonstrated how to collect Event logs from a Windows server in Azure Log Analytics. You may need to also collect custom logs from applications that don’t log to the event log. In this video I show how to collect custom logs in Azure Log Analytics. Once collected, I also show how to define custom fields in those custom logs and run queries against it. Continue reading “Azure OMS Log Analytics Step by Step – Adding Custom Logs”

Azure OMS Step by Step – Search and Alerting

In this video I give a step by step overview of how to search and send alerts in Azure OMS Log Analytics. I include doing simple searches for Microsoft Windows Event Log data and enabling alerting on specific Event ID’s in Log Analytics.

Click here for more information on setting up an OMS Workspace.

Continue reading “Azure OMS Step by Step – Search and Alerting”

Azure OMS Step by Step – Log Collection Setup

In this video I give a step by step overview of how to setup log collection for Azure OMS Log Analytics.  I include setting up log collection for Azure and non-Azure Virtual Machines.

Click here for more information on setting up an OMS Workspace.

Continue reading “Azure OMS Step by Step – Log Collection Setup”

Link Azure Automation and OMS Workspace

I had issues linking a Log Analytics Workspace and Automation Account this week.  To begin with, there is no option to link an Automation Account from within an OMS Workspace and no way to link an OMS Workspace from within the Automation Account.  The only option is to go into the OMS Workspace and add a solution that requires an Automation Account such as Automation and Control.  The process is outlined here.

Updated 11/2018 – Added Log Analytics to the content as OMS is getting phased out.
Issue below still exists, although you do not need to go into the OMS portal to link.  It can be done simply by added the Automation and Control solution in Azure.  The Log Analytics Workspace and Automation Account do not need to be in the same Resource Group.  They do need to be in the East US and East US 2 Region to link however.

The bigger problem is that when I went to configure the workspace there was no Automation Account available when I tire to add a solution.  OMS Gave me the message: Continue reading “Link Azure Automation and OMS Workspace”