Skip to main content

LSA payload update for fixes on 15-Jan

Published date: October 10, 2023

Log alerts are one of the alert types that are supported in Azure Monitor. Log alerts allow users to use a log analytics query to evaluate resources logs every set frequency, and fire an alert based on the results. Rules can trigger one or more actions using action groups. 

As a part of Log alerts payload, we are sending the fields ResultCount (Log Alerts V1), metricValue (Log Alerts V2).

  • ResultCount: That should contain the value of the number of records returned by the query. For metric measurement rules, the number or records that match the specific dimension combination. Unfortunately, today the resultCount of the last evaluation which met the threshold and not of the evaluation which fired the alert as in “Metric Alerts”.
  • metricValue: that should contain the metric value at the time that it violated the threshold. Unfortunately, today the result is always null.

On the 15-Jan we are going to fix those 2 values to contain the correct values according to our other alerts services.

For more details on the Log search scheme, you can see here.

  • Alerts
  • Compliance
  • Features
  • Services