Log Analytics workspace

E828324

Azure resource log data store monitoring workspace telemetry data store

Log Analytics workspace is an Azure cloud data store that centralizes, indexes, and queries telemetry and log data collected from various resources for monitoring, analysis, and troubleshooting.

Jump to: Statements Referenced by

Statements (54)

Predicate	Object
instanceOf	Azure resource ⓘ log data store ⓘ monitoring workspace ⓘ telemetry data store ⓘ
canBeLinkedTo	Automation accounts (for runbooks) NERFINISHED ⓘ Microsoft Sentinel NERFINISHED ⓘ
collectsFrom	Arc-enabled servers ⓘ Azure Application Insights (via export) NERFINISHED ⓘ Azure Diagnostics extension NERFINISHED ⓘ Azure Kubernetes Service NERFINISHED ⓘ Azure Monitor agents NERFINISHED ⓘ Azure PaaS services ⓘ Azure platform logs ⓘ Azure virtual machines ⓘ network devices (via diagnostics and agents) ⓘ on-premises servers (via agents) ⓘ
configuredIn	Azure portal NERFINISHED ⓘ
enables	capacity and performance analysis ⓘ compliance and audit reporting ⓘ root cause analysis of incidents ⓘ
hasCapability	analytics ⓘ centralized log collection ⓘ log indexing ⓘ log querying ⓘ monitoring ⓘ telemetry aggregation ⓘ troubleshooting support ⓘ
hasProperty	Azure region ⓘ data retention period ⓘ pricing tier ⓘ resource group association ⓘ subscription association ⓘ workspace name ⓘ
identifiedBy	Azure resource ID ⓘ
partOf	Azure Monitor NERFINISHED ⓘ
providedBy	Microsoft Azure NERFINISHED ⓘ
stores	log data ⓘ metrics data (via Azure Monitor integration) ⓘ telemetry data ⓘ
supports	Azure Monitor Agent NERFINISHED ⓘ Diagnostic settings ingestion ⓘ Log Analytics agent (legacy) NERFINISHED ⓘ alerts (via Azure Monitor alerts) ⓘ cross-resource queries ⓘ data export ⓘ data retention policies ⓘ role-based access control ⓘ saved queries ⓘ solutions and insights packs ⓘ workbooks ⓘ
supportsFeature	Kusto Query Language NERFINISHED ⓘ
usedFor	operational monitoring ⓘ security monitoring (with Microsoft Sentinel) ⓘ
uses	Kusto Query Language NERFINISHED ⓘ

Referenced by (1)

Full triples — surface form annotated when it differs from this entity's canonical label.

Azure Monitor → storesLogsIn → Log Analytics workspace ⓘ