Azure Log Analytics
Azure Log Analytics is a service that helps you collect and analyze data generated by resources in your cloud and on-premises environments, providing query, management, and data collection APIs for monitoring and analytics.
APIs
Azure Log Analytics Query API
API for querying logs and data collected in Azure Log Analytics workspaces using Kusto Query Language (KQL), supporting both workspace-scoped and cross-workspace queries.
Azure Log Analytics Management API
API for managing Log Analytics workspaces, data sources, saved searches, linked services, storage insights, clusters, and tables through Azure Resource Manager.
Azure Log Analytics Ingestion API
API for sending custom log data to Azure Log Analytics workspaces using data collection rules and endpoints, supporting both custom and Azure tables.
Capabilities
Azure Log Analytics Log Monitoring and Analysis
Unified workflow for log monitoring and analysis combining the Query API for KQL-based data exploration, the Management API for workspace and saved search administration, and th...
Features
Full KQL query language support for complex log analytics and data exploration across cloud and on-premises resources.
Send custom log data from any source using the Logs Ingestion API with data collection rules and transformations.
Create, configure, and manage Log Analytics workspaces including data sources, retention policies, and access control.
Save and reuse KQL queries across workspace sessions for consistent monitoring and reporting.
Define data collection pipelines with transformations that shape incoming data before it reaches the workspace.
Query data across multiple Log Analytics workspaces in a single query for centralized analysis.
Point-and-click spreadsheet-like query experience for users who do not need full KQL knowledge.
Create alert rules directly from log queries to enable proactive monitoring and automated responses.
Activate and deactivate failover for workspace disaster recovery and high availability.
Export query results to Excel, CSV, Power BI, and Grafana dashboards for external analysis.
Use Cases
Collect and analyze logs from virtual machines, containers, and network resources to monitor infrastructure health.
Query security events and audit logs to investigate incidents and detect threats across Azure resources.
Analyze application logs and telemetry to identify performance bottlenecks and errors.
Collect and retain audit logs to meet regulatory compliance requirements and generate compliance reports.
Ingest custom log data from third-party systems and on-premises resources using the Logs Ingestion API.
Analyze resource usage patterns and log data to identify cost-saving opportunities across Azure deployments.
Integrations
Core integration with Azure Monitor for unified observability across metrics, logs, and traces.
Feed log data into Microsoft Sentinel for SIEM and SOAR capabilities.
Built on the Azure Data Explorer engine and supports the same KQL query language for advanced analytics.
Export and visualize log query results in Power BI dashboards for business intelligence reporting.
Connect Azure Monitor Logs as a data source in managed Grafana dashboards for visualization.
Create interactive visual reports using log query results within Azure Workbooks.
Trigger automation runbooks based on log query results and alert rules.
Integrate log analytics alerts with Logic Apps workflows for automated incident response.
Combine application telemetry from Application Insights with infrastructure logs for full-stack observability.
Manage Log Analytics resources programmatically through Azure Resource Manager REST APIs.