Azure Monitor
An Azure service that is used to collect, analyze, and act on telemetry data from Azure and on-premises environments.
2,956 questions
1 answer
Azure workbook question
hi, I've created a KQL query to basically provide means to audit group membership changes. Exported to a csv the name of each security group and its managedBy attributes and using it inside the query as external data. Then joining with SecurityEvent…
asked 2024-06-10T15:02:04.0033333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(86.4, 28.000000000000004%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA0%3C/text%3E%3C/svg%3E)
AdamBudzinskiAZA-0329
91
Reputation points
answered 2024-06-30T04:49:37.5733333+00:00
Vahid Ghafarpour
20,475
Reputation points
1 answer
One of the answers was accepted by the question author.
Sending Diagnostic Settings to the same workspace
I have a Log Analytics workspace that I send all of diagnostic settings to for auditing purposes. The Log Analytics workspace itself has its own set of Diagnostic Settings. I am trying to keep a single workspace for the time being. Is there any issues…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(140.8, 95%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ER%3C/text%3E%3C/svg%3E)
2 answers
Azure Monitor Workbook and Azure AD objects ?
Hello, I was looking for a way to query Azure AD objects (first use case are service principals) from an Azure Monitor Workbook (essentially the goal would be to have a dashboard to check for near expiring secrets and cross the information with Azure…
asked 2022-10-18T13:54:07.697+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(121.6, 27%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EL6%3C/text%3E%3C/svg%3E)
LukeCloudWalker-6128
41
Reputation points
answered 2024-06-29T17:50:43.19+00:00
Mike Crowley
126
Reputation points
2 answers
One of the answers was accepted by the question author.
Show licenses overview on Azure Workbooks
Hi, I would like to add the following Graph query: https://graph.microsoft.com/v1.0/subscribedSkus?$select=skuPartNumber,consumedUnits,prepaidUnits on an Azure Workbooks. Is there a way to show missing licenses on a Azure Workbooks. Thanks
asked 2023-03-25T14:13:50.4933333+00:00
Marino Valentino
25
Reputation points
answered 2024-06-29T16:13:03.81+00:00
Mike Crowley
126
Reputation points
1 answer
Azure Policy for enabling diagnostic settings for WebApp/Function App - No resources remediated
I am working in an existing Azure environment where there is no governance and I am in the process of creating Azure Policies. Currently I am working on creating Azure Policy to enable Diagnostic settings for Azure Web App, Azure Function App and Web…
asked 2024-06-21T12:32:23.14+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(57.599999999999994, 63%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESR%3C/text%3E%3C/svg%3E)
Senthil Ramadoss
0
Reputation points
answered 2024-06-28T20:20:32.3066667+00:00
Pinaki Ghatak
2,635
Reputation points Microsoft Employee
0 answers
Log Search Alert Rule fired when i created it manually on Portal but when i created it by Terraform with the same configuration it not fired
When I create a Log search Alert Rule manually on Azure Portal. It fired alerts perfectly when the condition is met. But when I created a Log search Alert Rule with the same configuration in Terraform. It did not fired alerts when the condition is met I…
asked 2024-06-28T03:14:53.31+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(153.6, 3%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELB%3C/text%3E%3C/svg%3E)
Lam Bui Quang
20
Reputation points
commented 2024-06-28T15:02:26.6833333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(211.20000000000002, 43%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMM%3C/text%3E%3C/svg%3E)
Monalla-MSFT
12,761
Reputation points
1 answer
One of the answers was accepted by the question author.
Error Code:STATUS_ACCESS_VIOLATION when searching alert rules in Azure Portal in EDGE
Hi, Since KB5039212 was installed I am unable to search within Azure for alert rules where the customer has a sizable number of alerts (e.g. where AMBA has been deployed) If I search within the search bar it errors out with…
asked 2024-06-20T08:13:02.22+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(9.6, 43%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJG%3C/text%3E%3C/svg%3E)
James Greensmith
45
Reputation points
commented 2024-06-28T10:09:07.1266667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(304, 90%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Abdul
2,125
Reputation points Microsoft Vendor
1 answer
Ingesting custom logs from VM to custom table
Hello, I'm having issues ingesting a custom log file from my IIS-enabled VM to a log analytics workspace. The steps I've taken to resolve this issue include: -Verified that the extension was successfully installed and provisioned -Verified that the…
asked 2024-06-27T19:20:12.4733333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(80, 4%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJS%3C/text%3E%3C/svg%3E)
Justin Sylvestre
0
Reputation points
answered 2024-06-27T22:57:32.0566667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 4%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
Sina Salam
6,341
Reputation points
1 answer
Concurrent Automation Runbook jobs being triggered for a single web app stop activity
Azure activity log alert was set up for triggering alert for web app stop operation and azure automation runbook was specified in action group for this alert rule. Multiple Azure Automation Runbook jobs are being triggered concurrently due to multiple…
asked 2024-06-27T17:24:31.5166667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(275.2, 41%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAM%3C/text%3E%3C/svg%3E)
AnuragSingh-MSFT
21,076
Reputation points
edited the question 2024-06-27T19:46:18.05+00:00
Monalla-MSFT
12,761
Reputation points
1 answer
Logical disk alert for a VM at 80% utilization was not triggered
Even after enabling VMInsights and log-based alert rule, logical disk alert for a VM at 80% utilization was not triggered as expected. What is the correct way to configure such alert after enabling VMInsights? PS - Based on common issues that we have…
asked 2024-06-27T17:20:14.5866667+00:00
AnuragSingh-MSFT
21,076
Reputation points
edited the question 2024-06-27T19:38:00.65+00:00
Monalla-MSFT
12,761
Reputation points
1 answer
Unable to edit alert rule in Azure portal
Unable to edit alert rule in Azure portal. The error received is 'Failed to update alert rule'. This error suggests an internal server problem and advises retrying or contacting support with a provided correlation ID. PS - Based on common issues that we…
asked 2024-06-27T17:12:20.4866667+00:00
AnuragSingh-MSFT
21,076
Reputation points
edited the question 2024-06-27T19:30:29.8233333+00:00
Monalla-MSFT
12,761
Reputation points
1 answer
Using a single metric alerts for multiple resources in Azure
How do you monitor multiple resources using a single metric alert rule? Can Azure Metric alert rules be used for multiple resources? If yes, how? PS - Based on common issues that we have seen from customers and other sources, we are posting these…
asked 2024-06-27T17:08:35.52+00:00
AnuragSingh-MSFT
21,076
Reputation points
edited the question 2024-06-27T19:16:14.0266667+00:00
Monalla-MSFT
12,761
Reputation points
1 answer
Disabling the 'auto resolve' option for alert rule causes alerts to be fired
When the 'auto resolve' option of the alert rule is disabled, alerts start firing, but when enabled, the alerts stop firing. What is the use of 'auto resolve' feature of alert rule? PS - Based on the issues that we have seen from multiple customers and…
asked 2024-06-27T16:41:41.91+00:00
AnuragSingh-MSFT
21,076
Reputation points
edited the question 2024-06-27T18:27:48.2933333+00:00
Monalla-MSFT
12,761
Reputation points
1 answer
Migrating Application Insights availability test alert rule to different Azure Subscription
After migrating the ApplicationInsights to a different Azure subscription, unable to find availability test alerts rule which gets automatically created for the Application Insights availability tests. PS - Based on the issues that we have seen from…
asked 2024-06-27T16:38:53.8333333+00:00
AnuragSingh-MSFT
21,076
Reputation points
edited the question 2024-06-27T18:10:43.99+00:00
Monalla-MSFT
12,761
Reputation points
1 answer
Including the result of log search query for Log based alert rule
How to include result of log search in alert generated by log based alert rule. Specifically, how do we include results from KQL queries, such as computer names, rows of result returned etc. directly in Azure email notifications sent for Azure Monitor…
asked 2024-06-27T16:36:04.9266667+00:00
AnuragSingh-MSFT
21,076
Reputation points
edited the question 2024-06-27T18:06:39.97+00:00
Monalla-MSFT
12,761
Reputation points
1 answer
Facing challenges with a suppression rule that isn't working as expected for a couple of servers, despite following Microsoft's configuration suggestions
How do you troubleshoot a suppression rule, if it does not work for a couple of servers? PS - Based on the issues that we have seen from multiple customers and sources, we are posting these questions to help the Azure community.
asked 2024-06-27T16:32:47.8266667+00:00
AnuragSingh-MSFT
21,076
Reputation points
edited the question 2024-06-27T17:49:23.97+00:00
Monalla-MSFT
12,761
Reputation points
1 answer
Configuring alert rules for your Virtual Machine Scale Sets (VMSS) in the Azure portal
How to configure alert rules for your Virtual Machine Scale Sets (VMSS) in the Azure portal? What should be the correct scope and dimension for metric alerts?
asked 2024-06-27T17:15:09.1366667+00:00
AnuragSingh-MSFT
21,076
Reputation points
answered 2024-06-27T17:22:10.1366667+00:00
Jackson Martins
10,126
Reputation points MVP
1 answer
log search query alerts specifically for SQL exceptions
How to setup Azure Monitor log-based alert rule to alert for SQL exceptions (or any other exceptions)?
asked 2024-06-27T16:48:26.95+00:00
AnuragSingh-MSFT
21,076
Reputation points
answered 2024-06-27T17:11:52.3833333+00:00
Vahid Ghafarpour
20,475
Reputation points
1 answer
MS Defender agent uninstalling - Complete #help
Hello Community I have a VM where a 3rd party AV is installed , previously we were using MS defender endpoint but it was giving pain for redhat machines. Problem : I have a win10 VM where i have uninstalled the MDE agent from extension . but…
asked 2022-08-01T09:38:33.96+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(176, 24%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMA%3C/text%3E%3C/svg%3E)
Mohammed Altamash Khan
2,086
Reputation points
commented 2024-06-27T13:15:55.6166667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(297.6, 14.000000000000002%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDB%3C/text%3E%3C/svg%3E)
Dan Beeney
0
Reputation points
0 answers
AVD Insights Host Performance Blade Empty after change to new Azure Monitoring Agent
Hi all, I have a quick question regarding the AVD Insights. Does anyone else currently have issues with the "Host Performance" blade showing "the query returned no results" for all the insights? I have this issue currently in multiple…
asked 2024-05-31T11:40:50.7433333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(224.00000000000003, 78%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETP%3C/text%3E%3C/svg%3E)
Tim Pepe Hubert-Tzschoppe
6
Reputation points
commented 2024-06-27T09:12:08.2966667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(67.2, 30%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EO%3C/text%3E%3C/svg%3E)
O_Krage93
0
Reputation points