Azure Monitor Log Analytics UI updates – June 2019
Published date: 23 July, 2019
Here are the Azure Monitor Log Analytics UI updates for June 2019:
Log Analytics dashboard picker
Log Analytics dashboards can visualise Log Analytics queries, giving you the ability to find, correlate and share IT operational data in the organisation.
We have improved our pin to dashboard process, making it more intuitive and aligned with other similar processes on Azure
Read more about Azure dashboards and how to pin Azure Monitor Logs queries to a dashboard in this article.
New grid controls for Extend, Include and Exclude functions
Log Analytics queries provide a lot of functionality and power to analyse and query logs.
We added new controls to allow quicker insights by allowing more actions from the result set in the UI:
The include function will add a where clause to the query – that will only filter records that comply with the condition, in this example, clicking the “= include” button will create the following where clause in the query:
|where TenantId == "50e1c476-7a43-4a49-a683-65f0c96fd3e7"
In a similar way, the exclude function will filter out records from the query:
|where TenantId != "50e1c476-7a43-4a49-a683-65f0c96fd3e7"
The new Extend column control is very handy in cases where a query contains a nested JSON in one of the columns. Clicking the Extend column control will create an extend clause in the query for the data element selected.
Query optimisation tools
Azure Monitor Logs is a very flexible system, allowing the composition of a variety of queries spanning multiple sources of data.
In some cases, queries can become so complex that they can’t be completed in reasonable time.
One of the main reasons for this is queries running on multiple Log Analytics workspaces in different regions.
To read more about how Azure Monitor Logs is configured, follow this link.
To help with this, we have created an optimisation system designed to allow the scoping down on queries by explicitly selecting the data regions for the query to run against.
In cases where Azure Monitor Logs detects a query that is not optimal, it will provide an actionable alert:
You will than be able to select a data region scope for the query to execute against, making the query more optimal:
Please note that sub-optimal queries may not be operationalised – therefore some options such as export to Power BI and Pin to dashboard will not be available until the query has been optimised.
To read more about query limitations in Azure Monitor Logs, follow this link.
Try out these new portal updates today and let us know your feedback.