I am writing a query to evaluate a table schema across multiple work spaces to ensure we aren't encroaching the 500 column table limit. Once we are getting close it would trigger an Azure Alert. Since we can't directly control the schema of the default AzureDiagnsotics table this is an approach to be alerted when we might be crossing the max supported threshold.
The query returns results; however, while testing I notices the query would fail occasional when Log Analytics was updating the schema of the table. This occurred after I hooked up a different resource type to a workspace thus feeding it potentially new schema information.
It would throw the error that it couldn't summarize off of 'columnName'. The 'columnName' value would change over the course of time leading me to believe it was having issues reading the schema since an update was occurring. After a bit of time the query consistently returned with reuslts.
Here is a sample of the query:
workspace("workspace1").AzureDiagnostics
| getschema
| summarize count(ColumnName)
|project TotalColumns = count_ColumnName, Workspace = "workspace1"
| where TotalColumns >400
| union (
workspace("workspace2").AzureDiagnostics
| getschema
| summarize count(ColumnName)
|project TotalColumns = count_ColumnName, Workspace = "workspace2"
| where TotalColumns >400
)
My question is, is there a way to write a query similar to SQL w/ No Lock? That way it will still return the schema even if it isn't committed. (I've changed the where clause to be able to inspect records that come back).
