Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
| Table | Categories | Solutions | Supports basic log plan | Queries |
|---|---|---|---|---|
| AKSAudit Contains all Kubernetes API Server audit logs including events with the get and list verbs. These events are useful for monitoring all of the interactions with the Kubernetes API. To limit the scope to modifying operations see the AKSAuditAdmin table. Requires Diagnostic Settings to use the Resource Specific destination table. |
audit, resources, container | LogManagement | Yes | Yes |
| AKSAuditAdmin Contains Kubernetes API Server audit logs excluding events with the get and list verbs. These events are useful for monitoring resource modification requests made to the Kubernetes API. To see all modifying and non-modifying operations see the AKSAudit table. Requires Diagnostic Settings to use the Resource Specific destination table. |
audit, resources, container | LogManagement | Yes | Yes |
| AKSControlPlane Contains diagnostic logs for the Kubernetes API Server, Controller Manager, Scheduler, Cluster Autoscaler, Cloud Controller Manager, Guard, the Azure CSI storage drivers, Azure Fleet Manager agents and Karpenter controller logs. These diagnostic logs have distinct Category entries corresponding their diagnostic log setting (e.g. kube-apiserver, kube-audit-admin). Requires Diagnostic Settings to use the Resource Specific destination table. |
resources, container | LogManagement | Yes | Yes |
| AzureActivity Entries from the Azure Activity log that provides insight into any subscription-level or management group level events that have occurred in Azure. |
resources, audit, security | LogManagement | No | Yes |
| AzureMetrics Metric data emitted by Azure services that measure their health and performance. |
resources, monitor | LogManagement | Yes | Yes |
| ContainerImageInventory Inventory of container images and their attributes that were discovered by the agent. |
container | AzureResources, ContainerInsights, Containers | No | Yes |
| ContainerInventory Inventory of containers and their attributes that are monitored by the agent |
container | AzureResources, ContainerInsights, Containers | No | Yes |
| ContainerLog Log lines collected from stdout and stderr streams for containers. |
container, applications | AzureResources, ContainerInsights, Containers | No | Yes |
| ContainerLogV2 Kubernetes Container logs in V2 schema. This is the successor of ContainerLog. This has a friendlier schema, specifically for Kubernetes orchestrated containers in pods. With this feature enabled, previously split container logs are stitched together and sent as single entries to the ContainerLogV2 table. The schema now supports container log lines of up to to 64 KB. The schema also supports .NET and Go stack traces, which appear as single entries. |
container | AzureResources, ContainerInsights | Yes | Yes |
| ContainerNodeInventory Table that stores Container host/node information |
container | AzureResources, ContainerInsights | No | Yes |
| ContainerServiceLog | container | AzureResources, ContainerInsights, Containers | No | Yes |
| Heartbeat Records logged by Log Analytics agents once per minute to report on agent health. |
virtualmachines, container, management | LogManagement | No | Yes |
| InsightsMetrics Table that stores metrics. 'Perf' table also stores many metrics and over time they all will converge to InsightsMetrics for Azure Monitor Solutions |
virtualmachines, container, resources | AzureResources, ContainerInsights, InfrastructureInsights, LogManagement, ServiceMap, VMInsights | No | Yes |
| KubeEvents Table that stores Kubernetes events |
container | AzureResources, ContainerInsights | No | Yes |
| KubeMonAgentEvents Table that stores events from the Kubernetes cluster monitoring agent [Azure Monitor Agent] |
container | AzureResources, ContainerInsights | No | Yes |
| KubeNodeInventory Table that stores Kubernetes cluster's node information. |
container | AzureResources, ContainerInsights | No | Yes |
| KubePVInventory Kubernetes persistent volumes and their properties. |
container | AzureResources, ContainerInsights | No | - |
| KubePodInventory Table that stores kubernetes cluster's Pod & container information |
container | AzureResources, ContainerInsights | No | Yes |
| KubeServices Table that stores Kubernetes services information. |
container | AzureResources, ContainerInsights | No | Yes |
| Perf Performance counters from Windows and Linux agents that provide insight into the performance of hardware components operating systems and applications. |
virtualmachines, container | LogManagement | No | Yes |
| RetinaNetworkFlowLogs Network flow logs for Azure Container Networking Services. |
container | LogManagement | Yes | Yes |
| Syslog Syslog events on Linux computers using the Log Analytics agent. |
virtualmachines, security | LogManagement | No | Yes |