Introduction to Azure Monitor Log Analytics
Azure Monitor is a suite of solutions built within the Azure platform to collect logs and metrics; that information is then used to create insights, visualizations, and automated responses. Log Analytics is one of the main services created to analyze the logs gathered. The platform supports near real-time scenarios, scales automatically, and is available to multiple services across Azure (including Microsoft Sentinel). The Kusto Query Language (KQL) is used to obtain information from logs; it allows complex information to be queried quickly, and queries can be saved for future use. In this book, we will refer to this service simply as Log Analytics.
To create a Log Analytics workspace, you must first have an Azure subscription. Each subscription is based on a specific geographic location that ties the data storage to that region. The region selection is decided based on where you want your data to be stored; consider...