I have a hard time here understanding what a log analytics workspace is. As I have a requirement to monitor 7 application insigths out of many. Send emails if some of them throws exceptions. I can see in alerts you can only select a single application insight. And I dont want to create 7 alerts. So my plan was to create a analytics workspace. I havent found anyway to bind application insights to a workspace. Is that possible? I can see you in alerts can choose a analytics workspace as source, but what does that mean? Sounds like you some how can group data in that specific workspace?
I can see when I create a new Application Insight service i have the option to choose a workspace, but what with existing?
So as per your requirement, you can create the Workspace-based Application Insights resources, or connect the existing classical AI to azure log analytics. And of course, these 6 AI should connect to the same azure log analytics.
After you have the the Workspace-based Application Insights resources, the logs are logged into both the AI and the azure log analytics. So when you create an alert rule, select the azure log analytics, and create a custom log search alert rule. That can totally meet your requirement.
And you should also understand the table scheme between AI and Azure log Analytics. For example, in AI, the exceptions are logged in exceptions table; but if it's connected to azure log analytics, then in log analytics, the exceptions are in AppSystemEvents table.
Related
We have a large web application. We need to store user analytics about which ads has users seen. What accordions has been clicked etc. As far as I can see log analytics and application insights is more targeted towards logging and instrumentation (correct me if I am wrong). Does Azure provide any services for this kind of functionality, or would you have to store it your self to a SQL server/Table storage/CosmosDB and make a job that calculates the different statistics needed?
If "which ads has users seen" is actually a page view / request operation, then you can choose application insights.
If you're using app insights SDK, then you can track the events for these ads by using methods like TrackEvent. This event data is useful for analytics in application insights.
For analytics, you can use log queries which is available for azure monitor / application insights(to use log query, nav to azure portal -> your application insights -> in the left panel, select "Logs(Analytics)" under Monitoring). With log query, you can build your own query for any different statistics, or generate some charts.
Please let me know if you have more concerns.
We've logs(W3CIISLogs) on Log analytics workspace for websites hosted on VMs. Similarly we have app insights enabled for websites hosted on App service. Now we want to access telemetry data of both type of websites thru single interface, either via app insights or via Log analytics. Just wondering if it's possible and what's the best way.
With Azure Monitor you can now query not only across multiple Log Analytics workspaces, but also data from a specific Application Insights app in the same resource group, another resource group, or another subscription. This provides you with a system-wide view of your data. You can only perform these types of queries in Log Analytics.
Querying across Log Analytics workspaces and from Application Insights - reference another workspace in your query, use the workspace identifier and for an app from Application Insights, use the app identifier.
Cross-resource query limits:
The number of Application Insights resources that you can include in
a single query is limited to 100.
Cross-resource query is not supported in View Designer. You can Author a query in Log
Analytics and pin it to Azure dashboard and visualize a log search.
Cross-resource query in log alerts is supported in the new
scheduledQueryRules API. By default, Azure Monitor uses the legacy
Log Analytics Alert API for creating new log alert rules from Azure
portal, unless you switch from legacy Log Alerts API. After the
switch, the new API becomes the default for new alert rules in Azure
portal and it lets you create cross-resource query log alerts rules.
You can create cross-resource query log alert rules without making
the switch by using the ARM template for scheduledQueryRules API –
but this alert rule is manageable though scheduledQueryRules API and
not from Azure portal.
Documentation Reference - Cross-Resource Log queries in Azure Monitor
Hope the above information helps.
I have questions on using Azure Log Analytics for API Management. I cannot find more information on Azure Log Analytics with API Management.
Questions
What data is Log Analytics based on by default?
Do I need to specify or turn on what data Log Analytics is based on? Screenshot of Log Analytics tool are below
What data is in each field in red box under Log and Metric is on the screenshot below?
Below are two ways to add data to Log Analytics with APIM.
API within APIM
API under APIM instance -> Settings -> Azure Monitor -> enable it ->
Once it is enabled, it seems all the API instances under the APIM instance will use the settings. That is, data from ALL API instances instead of the one API instance will be added to Log Analytics.
Is this correct?
Under Diagnostics setting
APIM instance -> Diagnostics settings -> Add diagnostic setting
This will show up the screenshot above.
Below is all tables shown under Log Analytics tool
How to integrate Azure API Management with Azure Application Insights has no info on Log Analytics.
Get started with Azure Monitor Log Analytics
Great questions!
AFAIK the answer to your question #1 is, log data (telemetry) is collected by Azure Monitor which is stored in a Log Analytis workspace, which is based on Azure Data Explorer. For more information, please refer https://learn.microsoft.com/en-us/azure/azure-monitor/log-query/log-query-overview and https://learn.microsoft.com/en-us/azure/azure-monitor/.
In your case when you try to turn on Log Analytics for APIM then APIM related log data (telemetry) is stored in your Log Analytics workspace repository. To know that APIM related log data and its metrics and dimensions, please refer https://learn.microsoft.com/en-us/azure/azure-monitor/platform/metrics-supported#microsoftapimanagementservice
AFAIK the answer to your question #2 is yes you need to specify or turn on what all APIM related Log Analytics data needs to be stored in your Log Analytics workspace repository.
IMHO the answer to your question #3 is covered in the answer of question #1.
To understand the APIM log metrics better, I suggest you to go to your APIM resource in Azure portal and go to Metrics tile and create new charts for all the available metrics like capacity, gateway requests, eventhub events. Also you may refer https://learn.microsoft.com/en-us/azure/api-management/api-management-capacity and https://learn.microsoft.com/en-us/azure/api-management/api-management-howto-log-event-hubs
Hope this helps!!
Can the windows diagnostic do the same as the OMS extension in terms of getting performance counter information and event details? Is there a reason to use the OMS extension over WAD for event/performance information?
Can the windows diagnostic do the same as the OMS extension in terms
of getting performance counter information and event details?
WAD: This uses Azure Diagnostics agent for single VM.
OMS: When you use OMS to monitor your VM or multiple Vs, The OMS collect data from Microsoft Monitoring Agent by default. However, OMS can collect data from managed resources into a central repository. This data could include events, performance data, or custom data provided through the API. So, OMS can also use the WAD's data through the storage account which contains the agent's data.
So, OMS has more features than WAD. Also as #4c74356b41 said, if you want to monitor one VM, WAD is enough to achieve that.
Is there a reason to use the OMS extension over WAD for
event/performance information?
OMS focus on collecting data from different place and Log Analytics.
It can collect data from Windows/Linux VMs, Azure services and Data Collector API.
Reporting and analyzing data is the most important feature of OMS. Alerting can also be configured in OMS.
Azure Automation provides process automation and configuration management to OMS.
Over all, if you want to do Analytics from multiple service, OMS is the best choice. If you only want to monitor a single VM rather doing other things, WAD is enough.
if you are looking at performance from one vm - no.
but there is a chance you have more than one vm oms extension suddenly gets more interesting, as you can look at all of the vms at the same time, setup alerts, actions etc.
Currently I am logging my custom log messages to an Azure Table.
Now I need to automatically trigger the sending of emails based on log types and also need to generate an analysis report from the log messages.
Which service is more suitable to get this done? Azure Application Insights or Azure Log Analytics?
I think Application Insights will fit both - creating reports as well as sending out emails. You can do the same with Log Snalytics but the difference is, is that Log Analytics is basically a logical storage of all your log data and you can create custom reports, alerts etc. across many different services, also, everything can be nicely visualized in OMS.
As being said in the comments, you need to describe a bit more about the scenario.