Skip to main content

Posts

Showing posts with the label Azure Log Analytics

Azure Data Explorer - Kusto Query - Get data for last 20 days

I n continuation to my previous post on ' Get Min/Max from each category ', this time let’s do one of the most demanded queries with filter criteria on date time field. For the purpose of simplicity and keep this article more focused, I have removed data from all the additional columns as shown below: GenerationDate DescriptionTitle DescriptionDetail FeedKey 2020-10-02 00:00:00:0000000 … … … 2020-10-21 00:00:00:0000000 … … … 2020-10-21 00:00:00:0000000 … … … 2020-10-21 00:00:00:0000000 … … … 2020-10-21 00:00:00:0000000 … … … 2020-10-22 00:00:00:0000000 … … … 2020-10-22 00:00:00:0000000 … … … Query description The idea is to fetch all the records, which occurred in past 20 days of GenerationDate . Approaches Now to achieve our expected result, there could be more than a way.   One way could be: Approach 1 Find out the date which fall exactly twenty days back using ago(…) and then use conditional operator (<= and >=) to achieve this result.  Above approach would

Azure Data Explorer - Kusto Query - Get Min/Max Within Each Category Filter

In continuation to my previous post on 'Get Categorial Count' , this time let’s get our hands dirty with one more query related to filter criteria for date time field. Below is the sample data on which we are going to query: GenerationDate IngestionTime DescriptionTitle DescriptionDetail FeedKey 2020-05-21 00:00:00:0000000 2020-05-25 02:00:00:0000000 Schedule Task Read feed from server 1 acbf-uhef-4t5i-dfff 2020-05-21 00:00:00:0000000 2020-05-25 03:00:00:3000000 Schedule Task Read feed from server 1 acbf-uhef-4t5i-dfff 2020-05-21 00:00:00:0000000 2020-05-25 03:00:00:3500000 Schedule Task Read feed from server 1 acbf-uhef-4t5i-dfff 2020-05-21 00:00:00:0000000 2020-05-25 03:00:00:3000000 Monitoring Task Monitoring failed for LOC lcbf-u78f-4

Azure Data Explorer - Kusto Query - Get Categorial Count

I t’s been a while since I started working on data analysis part. When it comes to data analysis, it’s all about how efficiently one can filter and fetch the small set of useful data from humongous collection. I used Kusto Query Language (KQL) for writing advanced queries for Azure Log Analytics. At first, when you will start writing queries, it would be very daunting and keeping that in mind, I thought, I should share a few of those queries which could save huge on the beginner’s time. Hence, my next few posts would be mostly based on how to achieve expected output using KQL . So, let’s get started with a simple scenario first. Below is the sample data on which we are going to query: GenerationDate IngestionTime DescriptionTitle DescriptionDetail FeedKey 2020-05-21 00:00:00:0000000 2020-05-25 02:00:00:0000000 Schedule Task Read feed from server 1 acbf-uhef-4t5i-dfff 2020-0