Last week Microsoft began releasing what may be termed the most significant update Log Analytics from date of issue. Among the main changes introduced in the new version of Log Analytics are a powerful new query language, the introduction of the new Advanced Analytics portal and greater integration with Power BI. In this article we will see how to upgrade and the main features of the new features.
How to update Log Analytics
The upgrade process is very simple and is gradually affecting the workspace who present in all region of Azure. When the update is available for your workspace you will see a notification in the portal banner OMS or directly in the Log Analytics of the portal Azure:
Figure 1 – Banners that notifies the availability of Log Analytics
With a simple click on the banner leads to the following summary screen that summarizes the changes introduced by the update and that you use to start the upgrade process by selecting the appropriate button:
Figure 2 – Upgrade of Log Analytics
The upgrade must be performed by an administrator of the workspace who and the upgrade process takes a few minutes, at the end of which all artifacts like saved searches, the alert rule, computer groups and views created by using the View Designer are automatically converted to the new language of Log Analytics. The research included in the solution are not converted automatically during the upgrade, but would like to convert on the fly and transparently to the user at the time of the opening of the same.
During the upgrade process creates a full backup of the workspace, useful in case there is a need to revert to the previous version. Recovery is possible directly from the portal OMS:
Figure 3 – Restore the workspace Log Analytics legacy
When this update is optional, but in the future will be forced by Microsoft by talking to advance the date of the conversion of the workspace.
New query building language
After upgrading you can take advantage of the potential of the new language for creating queries. We carry the main features:
- This is a simple and easy-to-understand language where you can use constructs closer to natural language.
- The output of a query can be correlated (piped) with other commands in order to create more complex queries than was possible with the previous language.
- Supports the use of extended field calculated in real time and can be used to compose complex queries.
- Improved advanced features that allow you to join tables based on multiple fields, inner join, outer joins and join using the extended field.
- Are made available more functionality for operations involving functions based on date and time.
- Use advanced algorithms for evaluation of patterns in dataset and compare different sets of data.
- Supports inserting comments in queries, always useful when troubleshooting and to facilitate understanding of queries written by others.
Listed above are just some of the many new features that are introduced, but for more details about the new build Log Analytics query language I invite you to consult the official site specially created that contains a complete guide, tutorials and examples.
Figure 4 -Example of query written in the new language that creates a chart with daily alerts by severity
For those who already have a good familiarity with the previous generation of query language, you can use the converter that is added when upgrading your workspace and that converts queries written with language legacy in new language:
Figure 5 -Example of converting a query
Useful also Legacy to new Azure Log Analytics Query Language cheat sheet that allows you to make a quick comparison between the two languages bringing some statement of the most widely used.
Advanced Analytics Portal
With the introduction of new Advanced Analytics you can perform useful tasks when writing code that cannot be done directly from the portal of Log Analytics. Access to the portal Advanced Analytics can take place by selecting one of the following icons from Log Analytics Portal:
Figure 6 – Advanced Analytics Portal login
Thanks to this portal you get a better experience in interactive writing queries using a multi-line editing, emphasis on the context-aware syntax and a powerful integrated Viewer. The whole thing is very useful when troubleshooting, Diagnostics, trend analysis and to generate reports quickly.
Figure 7 – Query that computes and graphically displays the result of the CPU usage of a specific machine
With ease you can also create a quick visualization of the portal Advanced Analytics and make the pin in the same on a shared Azure Dashboard.
Integration with Power BI
Following this update you get even closer integration with Power BI, like Application Insights:
Figure 8 – Log Analytics integration scheme with Power BI
Through this integration you can use Power BI reports, publish and share them on PowerBI.com and enable automatic generation. For more details about I invite you to read the document Export Log Analytics data to Power BI.
Conclusions
This major upgrade of Log Analytics increases the potential of the tool allowing you to perform complex searches in a targeted and easy thanks to the new language introduced and enhances the potential of the solution due to better integration with Power BI. This new language and Advanced Analytics are already being used in Application Insights and this allows a homogeneous and consistent monitoring experience for different Azure services.
