General availability: Metric alerts for logs
Published date: 18 October, 2018
Metric alerts for logs enable you to use data from Azure Log Analytics as Azure Monitor metrics. They are a fast, metric-based alert option for customers who use Log Analytics as their focal point for monitoring. The feature has moved from public preview to general availability.
Now users can create near real-time alerts for metrics obtained from logs for any workspace, in all Log Analytics regions. A full list of all supported metrics is documented as part of Azure Monitor.
To use Azure Monitor, ensure that your Log Analytics workspace has the requisite logs flowing in. Select the New alert tab to start creating a metric alert for the Log Analytics workspace to get the data in the logs piped into Azure Monitor. For more information about prerequisites, see the documentation.
As data from logs is transformed into metrics in Azure Monitor, the process is the same as creating a metric alert for any platform resource, like a virtual machine. In Alerts under Azure Monitor, choose your Log Analytics workspace as a target. Choose from the 60+ metrics now supported, including agent-based heartbeat/health, agent performance counters for Windows and Linux, Update Management and Windows events.
Metric alerts for logs pipe multi-dimensional metrics. For specific logs being converted into metrics, you can choose a specific dimension value or all existing dimension values or you can use “*” to indicate any present or future dimension values. So you can easily create a single metric alert for logs, for a metric that can span across all your resources.
If you are new to metric alerts for logs, we suggest reading the article Create Metric Alerts for Logs in Azure Monitor. If you are exploring metric alerts for the first time, see the article Understand how metric alerts work in Azure Monitor for more details. Pricing applicable for metric alerts will apply for metric alerts for logs. You can find details on the Azure Monitor pricing page.