![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(32, 67%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERA%3C/text%3E%3C/svg%3E)
Azure Monitor
An Azure service that is used to collect, analyze, and act on telemetry data from Azure and on-premises environments.
3,037 questions
Data in the workspace is largely immutable. The records cannot be modified. There is a purge API intended for clearing spillage of PII or sensitive data. Comparable to events in the Windows event viewer. You can only add new records.
Watchlists for static data and it supports record updates. It is also possible to read in data from external sources like blob files and SQL databases. Reading static files from an Azure file share was the primary method for static lookup lists before Watchlists were introduced.
When working with workspace data the records are always in motion. New records arrive and old records expire constantly. One method for "updating" data in the workspace is to simply write in the updated record as a new entry. Then setup your queries or workbooks to only return the last record using an arg max summary. That way you always see the most recent record.