Log Analytics workspaces Alert Query error

Nick Borg 20 Reputation points
2024-11-14T10:12:51.17+00:00

Good Day,

I've created an alert rule for logging sign-ins from abroad.

While creating or editing the Alert rule the Query worked without a problem.

The error occurs when the Alert fires. The Query throws this error.

// Search query has been redacted as linked storage account is configured on Log Analytics workspace '/subscriptions/[subscriptionId]/resourceGroups/Cloud_Security/providers/Microsoft.OperationalInsights/workspaces/Azure-Diagnostic-Logs'.

Does somebody know why the Query gives back that result instead of the Query mentioned above and how I can fix it?

Azure Monitor
An Azure service that is used to collect, analyze, and act on telemetry data from Azure and on-premises environments.

1 answer

  1. Anonymous
    2024-11-15T09:27:01.7433333+00:00

    Hi @Nick Borg
    Welcome to the Microsoft Q&A Platform! Thank you for asking your question here. 

    First make sure the alert has the appropriate permissions to access the Log Analytics workspace and any associated storage accounts. You can check this under Access Control (IAM) in the Azure portal.

    Next, check the query to make sure it is flexible enough to handle situations where data may not be available at the expected time. You can use timing operations like bin() to simplify the query. 

    If the query accesses sensitive data (such as user IP), it can be blocked. You’ll want to make sure the alert has access to that data as well. 

    Double-check the alert system to make sure it points to the correct data source and uses the correct settings. If you create the query manually in the Log Analytics query editor and it doesn’t work, try changing the filters or time range until it does. 
    If you have any further queries, do let us know.


    If the answer is helpful, please click "Accept Answer" and "Upvote it" 

