Introducing Log Analytics | Quisitive
Solutions
Integration & Consulting
Help you move, operate, innnovate and thrive within the Microsoft clouds.
Application Development
Data & Analytics
Artificial Intelligence (AI)
Business Applications
Security
Digital Workplace
Infrastructure
Product Development
Technology
Explore the full list of technologies that our expert consultants can support.
Azure
Microsoft Teams
Microsoft 365
Power Platform
Dynamics 365
Power BI
Microsoft Copilot
Power Apps
Azure OpenAI
Sharepoint
Microsoft Fabric
Microsoft Sentinel
Azure Synapse
Windows
SQL Server
ERP Technologies
System Center
Microsoft Viva
Azure Virtual Desktop
Business Needs
Departmental solutions to ensure cloud and technology enablement across every area of your business.
Sales & Marketing
Operations
Human Resources
Finance & Accounting
Customer Service
Localization Services
Help you translate software so you can capture new business worldwide.
Language Engineering & NLP
Translations & Localization
Licensing
Experts in Microsoft cloud licensing and optimizing costs for your business.
Products
EmPerform
Provide people managers with flexible employee performance management software.
Velocity Insights
Monitor, analyze, and prioritize .NET, JavaScript or Node JS errors – all on one dashboard.
AgeChecker.net
Ensure local and federal compliance with our age verification tool for retail.
PowerGov
Engage citizens with a community development app for city maintenance and management.
MazikCare
Embrace patient-centered, collaborative care with our suite of real-time health solutions.
Care Path
Care Provider Link
Care Supply
Payer Matrix
Data Fusion
AMS
Deliver on your cloud strategy with a team that continuously monitors, improves, and optimizes your Azure environment.
ShopFloor
Empower production managers with cutting-edge manufacturing process management.
Spyglass
Take a proactive, continuous approach to optimizing your security environment and strategy.
Managed Services
Azure Management Services
Deliver on your cloud strategy with a team that continuously monitors, improves, and optimizes your Azure environment.
App Dev Program
Ongoing enhancements, app security, DevOps and reporting for apps running in Azure.
Data & AI Program
Operational support for running, monitoring and managing services for the Azure Data Platform.
Dynamics Program
Ensure the health of your Dynamics environments, optimize usage and encourage user adoption.
Digital Workplace Program
Optimize Microsoft 365 security, usage and user adoption with our digital workplace experts.
Security Program
Take a proactive, continuous approach to optimizing your security environment and strategy.
Power Platform Program
Get an extension of your team that ensures the health of your Power Platform.
Quisitive Flex
Routine support services and environment management for critical Microsoft systems
Industries
Manufacturing
Education
Public Sector
Financial Services
Healthcare
Energy
Retail
Software
Resources
Blogs
Case Studies
Library
Newsletters
Events
News
Learning Channels
About
Investors
Leadership
Microsoft
Our Approach
Our Partners
Our Story
Awards & Recognition
Careers
Support
Contact us
Solutions
Back
Solutions
Integration & Consulting
Application Development
Data & Analytics
Artificial Intelligence (AI)
Business Applications
Security
Digital Workplace
Infrastructure
Product Development
Technology
Azure OpenAI
Microsoft Copilot
Microsoft Fabric
Azure
Azure Synapse
Azure Virtual Desktop
System Center
SQL Server
Microsoft Sentinel
Microsoft 365
Sharepoint
Microsoft Teams
Microsoft Viva
Windows
Power Platform
Power BI
Power Apps
Dynamics 365
ERP Technologies
Business Needs
Sales & Marketing
Operations
Human Resources
Finance & Accounting
Customer Service
Localization Services
Language Engineering & NLP
Translations & Localization
Licensing
Products
Back
Products
EmPerform
AgeChecker.net
MazikCare
Care Path
Care Provider Link
Care Supply
Payer Matrix
Data Fusion
ShopFloor
Velocity Insights
PowerGov
AMS
Spyglass
Managed Services
Back
Managed Services
Azure Management Services
Data & AI Program
Digital Workplace Program
Power Platform Program
App Dev Program
Dynamics Program
Security Program
Quisitive Flex
Industries
Back
Industries
Manufacturing
Healthcare
Education
Energy
Public Sector
Retail
Financial Services
Software
Resources
Back
Resources
Blogs
Events
Case Studies
News
Library
Learning Channels
Newsletters
Investors
Back
Investors
Financial Reports & Results
Investor News
Earning calls
Contact
Contact us
About
Back
About
Our Story
Investors
Microsoft
Leadership
Our Partners
Awards & Recognition
Our Approach
Careers
Support
Search
Back
Terms of use
Privacy policy
Introducing Log Analytics
April 19, 2021
Cameron Fuller
Welcome to the "Introducing" series. In this blog post, we will introduce one of the services that are available in Azure: Log Analytics.

Welcome to the “Introducing” series. In the previous blog post, we introduced Azure costing. In this blog post, we will introduce one of the services that are available in Azure: Log Analytics.

What are Logs & Metric Data?

In the Introducing IT Organizations section of this blog post series, we mentioned the underlying resources that need to be managed and maintained: Compute, Storage, and Network. Each of these types of resources has both events which occur related to them and performance indicators that tell how they are currently performing.

Event Logs: In Windows, Events can be informational, Warnings, Errors, or audit success/audit failure. Every time a user logs into a computer an event is written that indicates who logged on and when they logged on. If you are on Windows and you want to see what events are occurring on your system, open “eventvwr” and look around! (open start, and type eventvwr).

Metrics: Resources also write performance information regularly providing notifications as to how that resource is performing. If we take a compute resource (like your system), performance counters are gathered for the % processor time, disk queue, % free space, and a plethora of other counters. If you are on Windows and you want to see what events are occurring on your system, open either “taskmgr” (on the performance tab) or “perfmon” and see what is out there!

As an IT administrator, logs and metrics are key to understanding the health of an IT organization’s resources. Most organizations have hundreds (or thousands) of computers (including servers), as well as significant amounts of storage devices and network devices. With every computer, storage device and network device constantly writing both logs and metrics it should be obvious that one person cannot effectively watch all these directly by using tools like the ones mentioned above (eventvwr, taskmgr, and perfmon). Gathering all the relevant information and making it available in a single repository is where solutions like Log Analytics come into play.

What is Log Analytics?

Log Analytics provides a cloud-based repository where you can collect and store the events and performance information from your IT environment in a single location. This location is called a “workspace” in Log Analytics. Having this data in a single location makes it easier to see conditions that span multiple resources in an IT infrastructure. There are several benefits to gathering this data into a single location.

Root cause analysis: One of the common challenges in monitoring systems is to be able to effectively identify when a single resource is impacting the health of other resources. Let’s take a situation where a customer has a remote location that is connected by a dedicated network link. On one side of that link are the majority of the compute and network resources. On the other side of the link are several compute resources (servers). If the network link goes down, monitoring systems will indicate that both the network is down and that the servers on the other side of the link are down. In reality, the servers on the other side of the link are most likely not down but since the monitoring system cannot communicate with those resources it has to assume that they are offline. By writing the event and performance data from all of the resources into a single repository we can more easily identify that the root cause of this issue is the loss of the network link, not the loss of the network link and the servers on the other side of the link.

Identifying trends & forecasting: Another benefit to having a central repository for all this information is to identify trends across multiple systems. If a website runs across multiple compute resources, we can look at the performance counters on those resources to see what their utilization looks like. With enough historical information in place we can use that information to identify a trend (IE: is the website usage going up or down, is the CPU usage on the servers running the website going up or down), and we can forecast based on that same information to project forward. We could see that if the current set of compute resources will run out of available CPU in 90 days, then we should spin up an additional webserver (or increase the CPU resources available across the existing set of resources).

Creating custom logs: Log Analytics can be used to gather any type of data that you are interested in writing into it. As an example, we use Log Analytics to gather information for all of the automation steps that we do within our custom automation solution at Catapult. To learn Log Analytics I developed a method to gather solar electricity generation and to combine that with weather forecasting data to provide an estimated electrical generation based on weather conditions. With help from a friend, we even front-ended this via an Echo Show! These examples showcase how you can use Log Analytics to store any type of data that you want to store within it.

How to get data into Log Analytics

Data can be gathered by Log Analytics through a variety of methods including the following:

Windows and Linux Agents: The Log Analytics agent can be deployed to windows computers (client or server-based operating systems) and Linux systems to send data to Log Analytics by installing the agent and configuring a workspace ID and key.

System Center Operations Manager: If your organization has an existing instance of System Center Operations Manager (SCOM), it can be integrated with Log Analytics to send relevant data.

Azure-based resources: Azure Virtual Machines, Activity Logs, and Storage account log information can be easily configured to send data to Log Analytics.

Rest API: Log Analytics has a REST API-based approach to ingesting data. We commonly use a PowerShell script running in Azure Automation which calls the REST API to send data to Log Analytics.

Flow/LogicApps: You can even use no-code solutions such as Flow or LogicApps to write data to Log Analytics.

How is Log Analytics priced?

Log Analytics is priced based on the amount of data that you send to Log Analytics, how long that data is retained, and how much data is exported. For details on pricing check out the pricing calculator in the Azure Monitor section: Pricing – Azure Monitor | Microsoft Azure. This blog post also provides my top 10 approaches to minimizing writing non-required data to Log Analytics.

Series Navigation:

Related posts
|
Read more
Uncategorized | 21 Sep
Quisitive Named on the Dallas Business Journal’s Ninth Annual Middle Market 50 List
Read more
Uncategorized | 8 Sep
Event Closed: Approachable AI Phillidelphia
Read more
Uncategorized | 6 Sep
Event Closed: Approachable AI Dallas
Read more