Adding alerts for Log Analytics in Azure | Quisitive

In the previous blog post I discussed how to extend your Log Analytics alerts in Azure. Once you are extended into Azure there are two methods available to create new alerts which we will discuss in this blog (the easier one is via Log Search the other is in Monitor / Alerts).

Creating an alert from Log Search in Azure

The easy approach to create a new alert is to open Log Search in Azure as part of Log Analytics. To do this, open Log Analytics in Azure.

Then open the name of your workspace.

And then open up Log Search.

Paste in your favorite alert query from Log Analytics and then run it.

Once the query has been run you can choose the option to create a “New Alert Rule” as shown below.

This benefit to this approach is that it pre-populates the alert condition with the correct alert target and the alert criteria (you may need to tweak the alert criteria from your original alert).

Define alert condition

Next you define the alert details including the alert rule name (which cannot contain several character types per this message), the description, severity, and whether or not to enable the rule on creation and whether or not to suppress alerts.