Scheduling Log Analytics queries to run in Microsoft Flow | Quisitive
Solutions
Integration & Consulting
Help you move, operate, innnovate and thrive within the Microsoft clouds.
Application Development
Data & Analytics
Artificial Intelligence (AI)
Business Applications
Security
Digital Workplace
Infrastructure
Product Development
Technology
Explore the full list of technologies that our expert consultants can support.
Azure
Microsoft Teams
Microsoft 365
Power Platform
Dynamics 365
Power BI
Microsoft Copilot
Power Apps
Azure OpenAI
Sharepoint
Microsoft Fabric
Microsoft Sentinel
Azure Synapse
Windows
SQL Server
ERP Technologies
System Center
Microsoft Viva
Azure Virtual Desktop
Business Needs
Departmental solutions to ensure cloud and technology enablement across every area of your business.
Sales & Marketing
Operations
Human Resources
Finance & Accounting
Customer Service
Localization Services
Help you translate software so you can capture new business worldwide.
Language Engineering & NLP
Translations & Localization
Licensing
Experts in Microsoft cloud licensing and optimizing costs for your business.
Products
EmPerform
Provide people managers with flexible employee performance management software.
PowerGov
Engage citizens with a community development app for city maintenance and management.
MazikCare
Embrace patient-centered, collaborative care with our suite of real-time health solutions.
Care Path
Care Provider Link
Care Supply
Payer Matrix
Data Fusion
AMS
Deliver on your cloud strategy with a team that continuously monitors, improves, and optimizes your Azure environment.
ShopFloor
Empower production managers with cutting-edge manufacturing process management.
Spyglass
Take a proactive, continuous approach to optimizing your security environment and strategy.
Velocity Insights
Monitor, analyze, and prioritize .NET, JavaScript or Node JS errors – all on one dashboard.
Managed Services
Azure Management Services
Deliver on your cloud strategy with a team that continuously monitors, improves, and optimizes your Azure environment.
Dynamics Program
Ensure the health of your Dynamics environments, optimize usage and encourage user adoption.
Data & AI Program
Operational support for running, monitoring and managing services for the Azure Data Platform.
App Dev Program
Ongoing enhancements, app security, DevOps and reporting for apps running in Azure.
Digital Workplace Program
Optimize Microsoft 365 security, usage and user adoption with our digital workplace experts.
Security Program
Take a proactive, continuous approach to optimizing your security environment and strategy.
Power Platform Program
Get an extension of your team that ensures the health of your Power Platform.
Quisitive Flex
Routine support services and environment management for critical Microsoft systems
AI Managed Services
Support for your AI technologies & ongoing strategic coaching to take your AI initiatives to the next level.
Industries
Manufacturing
Education
Public Sector
Financial Services
Healthcare
Energy
Retail
Software
Resources
Blogs
Case Studies
Library
Newsletters
Events
News
Learning Channels
About
Investors
Leadership
Microsoft
Our Approach
Our Partners
Our Story
Awards & Recognition
Careers
Support
Contact us
Solutions
Back
Solutions
Integration & Consulting
Application Development
Data & Analytics
Artificial Intelligence (AI)
Business Applications
Security
Digital Workplace
Infrastructure
Product Development
Technology
Azure OpenAI
Microsoft Copilot
Microsoft Fabric
Azure
Azure Synapse
Azure Virtual Desktop
System Center
SQL Server
Microsoft Sentinel
Microsoft 365
Sharepoint
Microsoft Teams
Microsoft Viva
Windows
Power Platform
Power BI
Power Apps
Dynamics 365
ERP Technologies
Business Needs
Sales & Marketing
Operations
Human Resources
Finance & Accounting
Customer Service
Localization Services
Language Engineering & NLP
Translations & Localization
Licensing
Products
Back
Products
EmPerform
MazikCare
Care Path
Care Provider Link
Care Supply
Payer Matrix
Data Fusion
ShopFloor
Velocity Insights
PowerGov
AMS
Spyglass
Managed Services
Back
Managed Services
AI Managed Services
Azure Management Services
Data & AI Program
Digital Workplace Program
Power Platform Program
Security Program
Dynamics Program
App Dev Program
Quisitive Flex
Industries
Back
Industries
Manufacturing
Healthcare
Education
Energy
Public Sector
Retail
Financial Services
Software
Resources
Back
Resources
Blogs
Events
Case Studies
News
Library
Learning Channels
Newsletters
Investors
Back
Investors
Financial Reports & Results
Investor News
Earning calls
Contact
Contact us
About
Back
About
Our Story
Investors
Microsoft
Leadership
Our Partners
Awards & Recognition
Our Approach
Careers
Support
Search
Back
Terms of use
Privacy policy
Scheduling Log Analytics queries to run in Microsoft Flow
May 10, 2018
Cameron Fuller
In the previous blog post we created a query in Log Analytics which determined whether or not it makes sense to open the windows in a house. In this blog post we will use Microsoft Flow to run the query which we scheduled on an hourly basis. And we can perform tasks based upon the […]

In the previous blog post we created a query in Log Analytics which determined whether or not it makes sense to open the windows in a house. In this blog post we will use Microsoft Flow to run the query which we scheduled on an hourly basis. And we can perform tasks based upon the results of the query (including writing back different data into Log Analytics).

To build this we will work through the following steps:

  • Creating a new Flow
  • Scheduling the Log Analytics query to run in Microsoft Flow
  • Running the query
  • Setting up a condition based on the query
  • Send an email (diagnostic)
  • Acknowledging if the task was done
  • Setting up a condition for if the approval was accepted
  • Writing status back to Log Analytics
  • The end result in Flow
  • A note on debugging an issue writing to Log Analytics

Creating a new Flow:

In Flow it’s easy to create your own Flow’s from an existing template or to import an existing flow. For this example we are going to use the “Create from blank” option.

We skip past the common items and instead use the option to “Search hundreds of connectors and triggers”

Next we search for “Schedule” as this is how we’ll get it to schedule our Flow to run.

Scheduling the Log Analytics query to run in Microsoft Flow:

For this example we schedule the recurrence to run hourly (remember, in the previous blog post we designed the query so it can exclude specific hours of the day). We also set the time zone.

Running the query:

We can add an action below the recurrence to query log analytics. For this one we search on Log Analytics.

We are going to use “Run query and list results”. Specify your subscription, resource group and workspace name and transfer in your Log Analytics query.

Setting up a condition based on the query:

Now we add a condition based on the results of the query. If our WeatherFlag = 2 this indicates that we should open the windows. Otherwise we should not.

Send an email (diagnostic):

While I was developing this I put an action under both the success and failure conditions to send an email so that I knew that the job had run and had made it this far.

Each of these were basically identical except for indicating the subject and body contents. The yes option (IE open the windows) is below.

The no option (IE don’t open the windows) is below:

NOTE: Once debugging of the Flow has been completed, the no option should be removed to avoid spamming the email address on an hourly basis when it is not time to open windows. Additionally the yes email option will also probably be removed as the approval process would also be sending an email.

Acknowledging if the task was done:

Next we use an approval step to indicate whether the option was or was not chosen to open the windows (again, this will hopefully be used when I’m writing the “Close the windows” part of this blog series.

Was the approval accepted?

We add a new condition after the start of the approval which checks for the results of the approval.

So that if the response is positive it will continue on to the final step in this version of the Flow.

Writing status back to Log Analytics:

Finally (at least for this blog post), we write back to Log Analytics indicating that the windows were opened. We use the “Send Data” capability for this.

We need to create a simple JSON file which just indicates that the action was taken to open the window. This is the simplest JSON I could imagine J

{

“OpenWindow”: 1

}

And we assigned it a custom log name (WindowsState) which should appear in Log Analytics as WindowsState_CL. Here’s a sample of the resulting data in Log Analytics.

What is the end result in Flow?

The end result in Flow gives us a scheduled task which runs a query. That branches into two conditions. The success condition sends an email and then an approval. If the approval is positive it then writes data back into Log Analytics indicating that state. The graphic below shows the high level for how the flow works.

A note on debugging an issue writing to Log Analytics:

I did run into one error when trying to write to Log Analytics where it was consistently returning a status code of 500 (shown below).

The resolution was to define the workspace key on the connection for Azure Log Analytics Data Collector. (Thank you to Donnie!)

Summary: It really simple to develop some pretty complex processes using Flow! Using Microsoft Flow we can not only schedule queries against Log Analytics, we can also take actions based on the results of the query, send notifications and approvals, and even write back results into Log Analytics! In the next blog post of this series we’ll go into how to debug complex queries in Log Analytics.

Related posts
|
Read more
General Quisitive gradient background
Uncategorized | 19 Jul
How to Recover from the Recent CrowdStrike Outage
Read more
Austin AI Innovation Lab or Public Sector Event Feature Image
Uncategorized | 11 Jul
Register Now: Austin AI Innovation Lab for Public Sector
Read more
Dallas AI Innovation Lab or Public Sector Event Feature Image
Uncategorized | 11 Jul
Register Now: Dallas AI Innovation Lab for Public Sector
Read more