Adding most Windows Event Logs to Log Analytics is a straightforward process. Simply go to the Advanced properties in the Workspace > Windows Event Logs and start typing the name. A pre-populated list will appear as shown below. Selected the log and add it for collection. But what if the log you are looking for is not listed in Log Analytics? Continue reading “Collect Custom Windows Event Logs in Log Analytics”
My first article posted at 4sysops on setting up an Azure Monitor workspace in Log Analytics and onboarding Servers.
Computer Groups in Azure Log Analytics can easily be overlooked yet they are very useful. Computer Groups are based off custom log searches or linked to Active Directory, SCCM or WSUS and based off groups in those systems. Continue reading “Computer Groups In Azure Log Analytics”
This week I noticed an issue with no data showing in the Azure Network (Total), Network Out (Sum) and Network In (Sum) tile in the Azure Virtual Machine Overview. I recall noticing this before but couldn’t remember how long ago that was. Looking at other VM’s, most of my them were missing the Network Total information. The only servers that were showing data are virtual firewall appliances. Continue reading “No Data in Network Overview Tile”
In this video I demonstrate how to create and run Azure Automation PowerShell Runbooks from the Azure Portal. This includes editing, publishing and scheduling runbooks. I also walk through the setup and use of the Azure Automation PowerShell ISE Add-on. This module adds a graphical interface in PowerShell ISE for creating, testing and publishing Powershell and PowerShell Workflow Runbooks. More information on the ISE add-on here. Continue reading “Create and Run PowerShell Runbooks in Azure Automation”
This post will go over how to create an alert for Log Analytics that evaluates two recent time periods for comparison. It’s a little, let’s say, “in depth” as far as Log Analytics queries go. The alert is intended to trigger when a variable threshold is met based on the recent baseline as opposed to a static metric. Used with my PingTimeLog tool found here, alerts can be triggered if recent response time goes over a rolling average value. I also include a disk free space alert to identify when a large amount of data is added to a disk.
In this video I give a step-by-step demonstration on setting up and Azure Automation account and linking that account to an existing Log Analytics Workspace. The Azure Automation account allows for the creation and scheduling of Runbooks written in PowerShell, PowerShell Workflow or Python. Linking the Azure Automation account allows you to review and alert on the logs generated by Azure Automation. Continue reading “Azure Automation Setup and Linking to Log Analytics”
Machine Learning with Log Analytics
Machine Learning and Artificial Intelligence are all the rage and for good reason. While static grouping and sorting in Azure Log Analytics can help you break down data and find the source of issues, Machine Learning can point out issues or unusual relationships you may not even be aware of. It does this by identifying patterns that are not obvious or by detecting differences in data sets. In this post I go over the basics of the Basket, Autocluster and Diffpatterns Machine Learning queries that can be use in Azure Log Analytics, Azure Application Insight or Azure Security Center. Continue reading “Azure Machine Learning in Log Analytics”