This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(124.80000000000001, 85%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMA%3C/text%3E%3C/svg%3E)
Hello,
I am getting this error when I am using this query in log analytics.
This is my query. The query runs fine when I use in log analytics. But when I create the rule, I get this error.
> let _serviceName = "my-service";
let _namespace = "prod";
let containerList = KubePodInventory
| where ServiceName == tolower(_serviceName)
| summarize max(TimeGenerated) by ContainerID
| summarize ContainerID=make_list(ContainerID, 200000);
ContainerLog
| where ContainerID in (containerList)
| where LogEntry contains "processing"
| where TimeGenerated > ago(2h)
| order by TimeGenerated desc
| project TimeGenerated, LogEntry;
I want to send an alert to email/teams channel when there are no logs in the past two hours.
Just checking in to see if the below response has helped or not.
or 
upvote button so it might help other community members reading this thread. 
I all you need to do is remove the command break " ;" off the end of the query.
Kind regards
Alistair
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(144, 92%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJV%3C/text%3E%3C/svg%3E)
Yes..by removing command break " ;" it worked, no error thrown.