Viewing alerts in Log Analytics
Azure Log Analytics is a service that collects telemetry data from various Azure and on-premises resources. All of that data is stored inside a Log Analytics workspace, which is based on Azure Data Explorer. The workspace is queried with the Kusto Query Language, the same language that Azure Data Explorer uses to retrieve and analyze data.
Analyzing this data can be done from Azure Monitor. All of the analysis functionalities are integrated there. The term Log Analytics now primarily applies to the blade in the Azure portal where you can analyze metric data.
Before we can display, monitor, and query the logs from Azure Monitor, we need to create a Log Analytics workspace. For that, we have to follow these steps:
- Navigate to the Azure portal by opening https://portal.azure.com.
- Click on Create a resource.
- Type Log Analytics in the search box and create a new workspace.
- Add the following values:
  a) Log Analytics workspace: Type PacktWorkspace (the name for this Log Analytics workspace needs to be unique; if the name is already taken, specify another name).
  b) Subscription: Select a subscription.
  c) Resource group: Create a new one and call it PacktWorkspace.
  d) Location: Select West US.
  e) Pricing tier: Keep the default one, which is per GB.
- Click on the OK button to create the workspace.
Important note
You can also create this workspace from Azure Monitor. Go to the Azure Monitor blade, and under Insights in the left-hand menu, select More. When no workspace has been created, Azure will ask you to create one.
Now that we have created a Log Analytics workspace, we can use it inside Azure Monitor to create some queries to retrieve data. We will do this in the next section.