While discussing Azure/OMS topics in the community I often see incorrect usage of OMS (Operations Management Suite). That is understandable of course as Microsoft hasn’t done good job at clearing out all the terms but I still think we should be using the correct term when posting questions or discussing OMS in forums and other sites. This can help us communicate better between each other and especially in forums could result to answering question faster. As we the move from OMS Portal to Azure Portal it was about time to write this blog post which I’ve intended to do for quite some time but always delayed due to different circumstances.
Tag: Microsoft Operations Managemenet Suite
Aggregate on More Than One Column for Azure Log Search Alerts
Log Analytics alerts aka Azure Log Search Alerts allows you to create a single alert and trigger alert instances per a column. This is possible by creating metric measurement alert. Unfortunately these types of alerts also have a limitation which might be blocking in certain situation. The classical example for that limitation is to create a single alert that will separate instance for free disk space threshold for each computer and disk. The query representation of that looks like this:
Continue reading “Aggregate on More Than One Column for Azure Log Search Alerts”
Programmatically Change Azure Log Analytics Pricing Model
Microsoft recently introduced a new model for purchasing Azure Log Analytics. To use this new model you will basically have to enable it on per subscription bases. In short you can either continue to use the old models or flip a switch on your subscription to use the new model. You cannot use both models for different workspaces in your subscription and you cannot move between the old models and the new ones without flipping that switch. Of course flipping that switch is easy as going into the Azure Portal -> Azure Monitor -> Usage and estimated costs blade but what about if you want to do this programmatically? Apparently there is a way to do it that way and in this blog post I will show you how.
Continue reading “Programmatically Change Azure Log Analytics Pricing Model”
Top 10 Charts in Azure Log Analytics and Application Insights
I’ve recently stumbled on forum question asking for chart that list only the top 10 resources or computers. Such chart is of course used a lot in performance metrics where for example you want to get the top 10 computers with CPU usage and list them in time chart.
Continue reading “Top 10 Charts in Azure Log Analytics and Application Insights”
Using Custom Log Search Alerts Based on Metric Measurement for Event Based Logs
In Azure Monitor we can create two type of alerts for Log Analytics:
Near real-time metric alerts are scoped to specific performance counter and heartbeat events but with Custom Log Search Alerts you can alert on any log in Log Analytics. With Custom Log Search Alerts the alert logic have two types:
- Number of results
- Metric Measurement
In a typical scenario you will use Number of results for logs and events and metric measurement for performance/metric logs. That wouldn’t be a problem if the way the alerts are fired distinguish quite a lot between those. For example in metric measurement you aggregate/summarize results and you alert based on the value from the aggregation/summarization. On top of that different alert instance is fired on each summarized record. In number of results you do not summarize/aggregate and alerts are fired based on the count of the records. For example on 10 records you will get only one alert instead of 10. If you are like me this is a problem as you want to get separate alert instance for your events just like metric measurement alerts.
In this blog post I will show you how to overcome this problem with workaround from the powerful Log Analytics query language.
Continue reading “Using Custom Log Search Alerts Based on Metric Measurement for Event Based Logs”
Cloud Administrator in Azure World 