Share via

Regarding custom metrics application insights

Dinesh N 1 Reputation point
2022-03-07T22:31:54.057+00:00

I have a scenario where I'm getting custom metrics thru an application. I want to create alerts based on thresholds and days of the week. Is there any way I can integrate the metadata in some storage and compare the metrics based on that? For example, I have message count metrics in the application, and if on Monday the message count is less than 100 or more than 200 I should get an alert. It varies on the day of the week. I have to monitor almost 250 custom metrics.

I tried implementing custom logs in Log analytics but I have a challenge in case if I want to change the thresholds then I need to drop the custom table and recreate it.

Azure Monitor
Azure Monitor
An Azure service that is used to collect, analyze, and act on telemetry data from Azure and on-premises environments.
3,037 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. AnuragSingh-MSFT 21,251 Reputation points
    2022-03-09T12:18:49.83+00:00

    Hi @Dinesh N

    Welcome to Microsoft Q&A! Thanks for posting the question.

    In order to create log-based alert rule, where the threshold varies by day-of-week, I would suggest using the following functions of Kusto Query Language:

    1. dayofweek() -- This scalar function can be used to get the day-of-week (0d being Sunday, 1d being Monday and so on...). You can use this function against the "TimeGenerated" column or any other suitable "Datetime type" column. In case you want to get the current day, you may use it with now() function (Example available below)
    2. case() -- This can be used for multi step evaluation based on the day-of-week as returned from previous step and setting the threshold accordingly.

    Using a combination of both the above functions, the resultant query itself can contain the threshold based on the day-of-week. Therefore, in future if the threshold changes, you will only have to edit the case statement and this solution also does not require additional storage/custom table. The example query below should help clarify it further: 

    let day = dayofweek(now());  
let threshold = case(day == 1d, 5m,  //threshold for monday is 5 minutes  
                       day == 2d, 2m, //threshold for tuesday is 2 minutes  
                       day == 3d, 5s, //threshold for wednessday is 5 seconds  
                       10m); //threshold for any other day is 10 minutes.   
Heartbeat  
| summarize LastHeartbeat=max(TimeGenerated) by Computer  
| where LastHeartbeat < ago(threshold)

    Please let me know if you have any questions.

    ---
    Please 'Accept as answer' and ‘Upvote’ if it helped so that it can help others in the community looking for help on similar topics.