1
votes

I have been struggling for the past few days to query custom logs from Azure Log Analytics. I've been following the tutorial provided by Microsoft at https://dev.int.loganalytics.io/documentation/1-Tutorials/Direct-API but I keep getting 403. I granted all permissions on the workspace to my Azure Application (screenshot: Azure Application permissions on the ALA Workspace). Here is the simple application code I am using to try to query the ALA Workspace:

    using System;
    using System.Collections.Generic;
    using System.Net.Http;
    using System.Net.Http.Headers;
    using System.Text;
    using System.Threading.Tasks;
    using Newtonsoft.Json;

    class Program
    {
        static async Task Main(string[] args)
        {
            // Placeholders for the AAD tenant, the app registration and its client secret
            String tenantId = "??????????????????????????????????";
            String applicationId = "??????????????????????????????????";
            String applicationSecretKey = "??????????????????????????????????";
            String token;

            // Step 1: client-credentials grant against the AAD token endpoint
            using (var client = new HttpClient())
            {
                client.DefaultRequestHeaders.Accept.Clear();
                client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));

                Dictionary<String, String> requestData = new Dictionary<String, String>();
                requestData.Add("grant_type", "client_credentials");
                requestData.Add("client_id", applicationId);
                requestData.Add("client_secret", applicationSecretKey);
                requestData.Add("resource", "https://api.loganalytics.io/");
                FormUrlEncodedContent requestBody = new FormUrlEncodedContent(requestData);

                var request = await client.PostAsync($"https://login.microsoftonline.com/{tenantId}/oauth2/token", requestBody);
                var response = await request.Content.ReadAsStringAsync();
                token = JsonConvert.DeserializeObject<dynamic>(response).access_token;
            }

            String workspaceId = "??????????????????????????????????";

            // Step 2: run the query against the workspace with the bearer token
            String query = JsonConvert.SerializeObject(new
            {
                query = "ApplicationLog_CL | take 10",
                timespan = "PT12H"
            });
            using (var client = new HttpClient())
            {
                client.DefaultRequestHeaders.Accept.Clear();
                client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
                client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token);

                var postContent = new StringContent(query, Encoding.UTF8, "application/json");
                var response = await client.PostAsync($"https://api.loganalytics.io/v1/workspaces/{workspaceId}/query", postContent);

                // Print the raw response body (this is where the 403 shows up)
                var content = await response.Content.ReadAsStringAsync();
                Console.WriteLine(content);
            }

            Console.ReadKey();
        }
    }

I keep getting a 403 response from the ALA API. Any clue what I am missing here?

1
Any progress now? - Joey Cai

1 Answer

0
votes

According to the tutorial you provided, I tested it on my site and it works very well.

Here are some ways you could troubleshoot.

1. When you add a role in Access control, you could add the AAD registered app whose name is AIDemoApp, like in the tutorial.

And the Log Analytics API permission is added in AAD.

2. Change new MediaTypeWithQualityHeaderValue("application/json") to new MediaTypeWithQualityHeaderValue("application/x-www-form-urlencoded").

3. After adding the permission in the registered app in AAD, click Grant Permission.
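
A local check of what the access token from the first request carries, which helps tell a missing Grant Permission (point 3) from a missing workspace role (point 1). This is an added example, not code from the question or the answer; it assumes the standard Azure AD access-token claims `aud` and `roles`, and the sample token is constructed, not a real one.

```csharp
using System;
using System.Linq;
using System.Text;
using Newtonsoft.Json.Linq;

static class TokenCheck
{
    // Decode the payload segment of a compact JWT. The signature is NOT verified:
    // this is for inspecting a token you just obtained, not for trusting one.
    public static JObject DecodePayload(string jwt)
    {
        string[] parts = jwt.Split('.');
        if (parts.Length != 3) throw new FormatException("not a compact JWT");
        string b64 = parts[1].Replace('-', '+').Replace('_', '/');
        b64 = b64.PadRight(b64.Length + (4 - b64.Length % 4) % 4, '=');
        return JObject.Parse(Encoding.UTF8.GetString(Convert.FromBase64String(b64)));
    }

    // Compare the token's audience with the requested resource, then look at
    // the application permissions, which app-only tokens carry in "roles".
    public static string Diagnose(JObject claims, string expectedResource)
    {
        string aud = ((string)claims["aud"] ?? "").TrimEnd('/');
        if (!string.Equals(aud, expectedResource.TrimEnd('/'), StringComparison.OrdinalIgnoreCase))
            return "aud is '" + aud + "', not the resource that was requested";
        string[] roles = (claims["roles"] as JArray)?.Select(r => (string)r).ToArray() ?? new string[0];
        if (roles.Length == 0)
            return "no roles claim: no application permission has been granted to this app";
        // Workspace role assignments (Access control) are not visible in the token.
        return "aud ok, roles: " + string.Join(", ", roles) + "; next check the workspace Access control role";
    }

    static string B64Url(string s) =>
        Convert.ToBase64String(Encoding.UTF8.GetBytes(s)).TrimEnd('=').Replace('+', '-').Replace('/', '_');

    static void Main()
    {
        // Constructed sample: correct audience, but no roles claim.
        string payload = "{\"aud\":\"https://api.loganalytics.io\"," +
                         "\"appid\":\"00000000-0000-0000-0000-000000000000\"," +
                         "\"tid\":\"11111111-1111-1111-1111-111111111111\"}";
        string sample = B64Url("{\"alg\":\"none\"}") + "." + B64Url(payload) + ".sig";
        Console.WriteLine(Diagnose(DecodePayload(sample), "https://api.loganalytics.io/"));
    }
}
```

Decoding the token locally keeps the bearer token out of third-party JWT decoder sites.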