Syslog events on Linux computers using the Log Analytics agent.
- Virtual Machines
- Azure Arc Enabled Kubernetes
- Kubernetes Services
- Virtual machines
- Azure Stack HCI
- System Center Virtual Machine Manager
- Virtual Machine Scale Sets
- Azure Arc Provisioned Clusters
Sample queries for the Syslog table.
|The record size in bytes.
|Name of the remote device that generated the message.
|Computer that the event was collected from.
|Date and time that the event was generated.
|The part of the system that generated the message.
|IP address of the system sending the message.
|Name of the system sending the message.
|Specifies whether ingesting the data is billable. When _IsBillable is false, ingestion isn't billed to your Azure account.
|ID of the process that generated the message.
|Name of the process that generated the message.
|A unique identifier for the resource that the record is associated with.
|Severity level of the event.
|The type of agent the event was collected by. For example, OpsManager for Windows agent, either direct connect or Operations Manager, Linux for all Linux agents, or Azure for Azure Diagnostics.
|A unique identifier for the subscription that the record is associated with.
|Text of the message.
|Date and time the record was created.
|The name of the table.