If you saw my Update Management post on Workbooks you know I really like them. But if you read that post then you also know I really want a way for my workbooks to dynamically select resources, or in my case dynamically select all my Log Analytics workspaces. Well I found out how to do …
Have you checked out the Case scalar function? If not this post is all about what the capabilities of Case scalar function are. However, as I mentioned previously, there is a lot of good documentation around Kusto, and then there are others that could use more documentation, this is one of those examples. From the …
Are you using Azure Automation Update Management? If not why not? It’s free for your Azure VMs. You can also use the Log Analytics portion by itself to track Update status. That said, the default dashboards are just OK, but are impossible to use with multiple subscriptions. Especially if you have multiple Log Analytics workspaces …
Inside Log Analytics and therefore many other products that use Kusto, we have many options to play with time. In this post I’ll show real world examples when working with time in Log Analytics. In particular how to use Timespans, Datetime and Time Difference in Kusto. For the purposes of this post all examples will …
As with anything in Azure there are multiple ways to skin a cat. We can send logs to our Azure Monitor Log Analytics workspace with powershell. Or we can use a powershell based Azure Function, however, in this post I’ll show you how to grab data from an API and use that data to create …
Last year I did a project building monitoring in Log Analytics for Windows Virtual Desktop (WVD). I am providing these Log Analytics WVD Query Examples as is to help anyone that may be wanting to monitor WVD with Log Analytics. You can find the full github repo here These are some example queries based on …
When we’re building JSON payload in Powershell, there are a number of things to consider. What are our object types in Powershell? How to combine multiple Powershell Objects to one JSON object? How is the API going to read and parse that payload? For the purposes of this post I’ll be demoing against the Log …