Create Azure Alerts with query to monitor multiple VM's?

0
votes

I want to create an Azure Alert by custom log search. Ich wrote a query to monitor e.g. the Processor Usage and render the results in a timechart. This query works in the Analytics without problems, but when I provide this query to the custom log search, the timechart for the alert doesn't work, that means the diagram is completely wrong. But I didn't change anything...

My query:

Perf
| where CounterName == "% Processor Time" and ObjectName == "Processor" and InstanceName == "_Total"
| summarize AggregatedValue = avg(CounterValue) by bin(TimeGenerated, 1h), Computer
| render timechart

This query works fine in Logs:

Picture of the Query in Logs

And the result in the Alert configurations:

Picture of the query in alerts configuration

Did I forget something? I mean obviously I can use this feature with the custom log search otherwise I couldn't provide the query to the alert.

Thanks in Advance!

1
azureloggingalert

1 Answers

1
votes

What you see on the alert chart is that all 6 nodes report their % Processor time. If you want to be notified when on any node you the average % of processor time is > than certain number then try this:

Perf
| where CounterName == "% Processor Time" and ObjectName == "Processor" and     InstanceName == "_Total"
| summarize avgVal = avg(CounterValue) by Computer
| where avgVal > 80

On Alert logic chose to be notified when number of results is greater than 0. Period and frequency is up to you.