Skip to content

Instantly share code, notes, and snippets.

@daniellee

daniellee/azure-log-analytics-sample-dashboard.json

Created April 24, 2020 06:48
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save daniellee/f6cfcc2b3afff6f2a2f9b31d353d803e to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save daniellee/f6cfcc2b3afff6f2a2f9b31d353d803e to your computer and use it in GitHub Desktop.
Download ZIP
Sample dashboard for Azure Log Analytics
Raw
azure-log-analytics-sample-dashboard.json
{
"__inputs": [
{
"name": "DS_AZURE_MONITOR",
"label": "Azure Monitor",
"description": "",
"type": "datasource",
"pluginId": "grafana-azure-monitor-datasource",
"pluginName": "Azure Monitor"
}
],
"__requires": [
{
"type": "grafana",
"id": "grafana",
"name": "Grafana",
"version": "7.0.0-pre"
},
{
"type": "datasource",
"id": "grafana-azure-monitor-datasource",
"name": "Azure Monitor",
"version": "0.3.0"
},
{
"type": "panel",
"id": "graph",
"name": "Graph",
"version": ""
},
{
"type": "panel",
"id": "table-old",
"name": "Table (old)",
"version": ""
}
],
"annotations": {
"list": [
{
"builtIn": 1,
"datasource": "-- Grafana --",
"enable": true,
"hide": true,
"iconColor": "rgba(0, 211, 255, 1)",
"name": "Annotations & Alerts",
"type": "dashboard"
}
]
},
"editable": true,
"gnetId": null,
"graphTooltip": 0,
"id": null,
"iteration": 1587710853313,
"links": [],
"panels": [
{
"aliasColors": {},
"bars": false,
"dashLength": 10,
"dashes": false,
"datasource": "$ds",
"fieldConfig": {
"defaults": {
"custom": {}
},
"overrides": []
},
"fill": 1,
"fillGradient": 0,
"gridPos": {
"h": 7,
"w": 24,
"x": 0,
"y": 0
},
"hiddenSeries": false,
"id": 6,
"legend": {
"avg": false,
"current": false,
"max": false,
"min": false,
"show": true,
"total": false,
"values": false
},
"lines": true,
"linewidth": 1,
"nullPointMode": "null",
"options": {
"dataLinks": []
},
"percentage": false,
"pointradius": 2,
"points": false,
"renderer": "flot",
"seriesOverrides": [],
"spaceLength": 10,
"stack": false,
"steppedLine": false,
"targets": [
{
"appInsights": {
"dimension": "none",
"metricName": "select",
"rawQuery": false,
"rawQueryString": "",
"timeColumn": "timestamp",
"timeGrain": "auto",
"valueColumn": ""
},
"azureLogAnalytics": {
"query": "Perf\r\n| where ObjectName == \"$object\" and CounterName == \"$metric\"\n| where TimeGenerated >= $__timeFrom() and TimeGenerated <= $__timeTo()\n| where $__contains(Computer, $computer)\n| summarize avg(CounterValue) by bin(TimeGenerated, $__interval), Computer \n| order by TimeGenerated asc",
"resultFormat": "time_series",
"workspace": "$workspace"
},
"azureMonitor": {
"aggOptions": [],
"dimensionFilter": "*",
"metricDefinition": "select",
"metricName": "select",
"metricNamespace": "select",
"resourceGroup": "select",
"resourceName": "select",
"timeGrain": "auto",
"timeGrains": [],
"top": "10"
},
"queryType": "Azure Log Analytics",
"refId": "A",
"subscription": "44693801-6ee6-49de-9b2d-9106972f9572"
}
],
"thresholds": [],
"timeFrom": null,
"timeRegions": [],
"timeShift": null,
"title": "General - uses $object and $metric",
"tooltip": {
"shared": true,
"sort": 0,
"value_type": "individual"
},
"type": "graph",
"xaxis": {
"buckets": null,
"mode": "time",
"name": null,
"show": true,
"values": []
},
"yaxes": [
{
"format": "short",
"label": null,
"logBase": 1,
"max": null,
"min": null,
"show": true
},
{
"format": "short",
"label": null,
"logBase": 1,
"max": null,
"min": null,
"show": true
}
],
"yaxis": {
"align": false,
"alignLevel": null
}
},
{
"aliasColors": {},
"bars": false,
"dashLength": 10,
"dashes": false,
"datasource": "$ds",
"fieldConfig": {
"defaults": {
"custom": {}
},
"overrides": []
},
"fill": 1,
"fillGradient": 0,
"gridPos": {
"h": 7,
"w": 12,
"x": 0,
"y": 7
},
"hiddenSeries": false,
"id": 8,
"legend": {
"avg": false,
"current": false,
"max": false,
"min": false,
"show": true,
"total": false,
"values": false
},
"lines": true,
"linewidth": 1,
"nullPointMode": "null",
"options": {
"dataLinks": []
},
"percentage": false,
"pointradius": 2,
"points": false,
"renderer": "flot",
"seriesOverrides": [],
"spaceLength": 10,
"stack": false,
"steppedLine": false,
"targets": [
{
"appInsights": {
"dimension": "none",
"metricName": "select",
"rawQuery": false,
"rawQueryString": "",
"timeColumn": "timestamp",
"timeGrain": "auto",
"valueColumn": ""
},
"azureLogAnalytics": {
"query": "Perf\r\n| where ObjectName == \"LogicalDisk\" or // the object name used in Windows records\r\n ObjectName == \"Logical Disk\" // the object name used in Linux records\r\n| where CounterName == \"Free Megabytes\"\r\n| where $__contains(Computer, $computer)\n| where TimeGenerated >= $__timeFrom() and TimeGenerated <= $__timeTo()\n| summarize avg(CounterValue) by bin(TimeGenerated, $__interval), Computer \n| order by TimeGenerated asc",
"resultFormat": "time_series",
"workspace": "$workspace"
},
"azureMonitor": {
"aggOptions": [],
"dimensionFilter": "*",
"metricDefinition": "select",
"metricName": "select",
"metricNamespace": "select",
"resourceGroup": "select",
"resourceName": "select",
"timeGrain": "auto",
"timeGrains": [],
"top": "10"
},
"queryType": "Azure Log Analytics",
"refId": "A",
"subscription": "44693801-6ee6-49de-9b2d-9106972f9572"
}
],
"thresholds": [],
"timeFrom": null,
"timeRegions": [],
"timeShift": null,
"title": "Disk - Free Megabytes",
"tooltip": {
"shared": true,
"sort": 0,
"value_type": "individual"
},
"type": "graph",
"xaxis": {
"buckets": null,
"mode": "time",
"name": null,
"show": true,
"values": []
},
"yaxes": [
{
"format": "short",
"label": null,
"logBase": 1,
"max": null,
"min": null,
"show": true
},
{
"format": "short",
"label": null,
"logBase": 1,
"max": null,
"min": null,
"show": true
}
],
"yaxis": {
"align": false,
"alignLevel": null
}
},
{
"aliasColors": {},
"bars": false,
"dashLength": 10,
"dashes": false,
"datasource": "$ds",
"description": "",
"fieldConfig": {
"defaults": {
"custom": {}
},
"overrides": []
},
"fill": 1,
"fillGradient": 0,
"gridPos": {
"h": 7,
"w": 12,
"x": 12,
"y": 7
},
"hiddenSeries": false,
"id": 7,
"legend": {
"avg": false,
"current": false,
"max": false,
"min": false,
"show": true,
"total": false,
"values": false
},
"lines": true,
"linewidth": 1,
"nullPointMode": "null",
"options": {
"dataLinks": []
},
"percentage": false,
"pointradius": 2,
"points": false,
"renderer": "flot",
"seriesOverrides": [],
"spaceLength": 10,
"stack": false,
"steppedLine": false,
"targets": [
{
"appInsights": {
"dimension": "none",
"metricName": "select",
"rawQuery": false,
"rawQueryString": "",
"timeColumn": "timestamp",
"timeGrain": "auto",
"valueColumn": ""
},
"azureLogAnalytics": {
"query": "Perf\r\n| where ObjectName == \"LogicalDisk\" or // the object name used in Windows records\r\n ObjectName == \"Logical Disk\" // the object name used in Linux records\r\n| where CounterName == \"% Used Space\"\r // for Windows, it's the opposite: or CounterName == \"% Free Space\"\n| where $__contains(Computer, $computer)\n| where TimeGenerated >= $__timeFrom() and TimeGenerated <= $__timeTo()\n| summarize avg(CounterValue) by bin(TimeGenerated, $__interval), Computer \n| order by TimeGenerated asc",
"resultFormat": "time_series",
"workspace": "$workspace"
},
"azureMonitor": {
"aggOptions": [],
"dimensionFilter": "*",
"metricDefinition": "select",
"metricName": "select",
"metricNamespace": "select",
"resourceGroup": "select",
"resourceName": "select",
"timeGrain": "auto",
"timeGrains": [],
"top": "10"
},
"queryType": "Azure Log Analytics",
"refId": "A",
"subscription": "44693801-6ee6-49de-9b2d-9106972f9572"
}
],
"thresholds": [],
"timeFrom": null,
"timeRegions": [],
"timeShift": null,
"title": "Disk - % Used Space",
"tooltip": {
"shared": true,
"sort": 0,
"value_type": "individual"
},
"type": "graph",
"xaxis": {
"buckets": null,
"mode": "time",
"name": null,
"show": true,
"values": []
},
"yaxes": [
{
"format": "percent",
"label": null,
"logBase": 1,
"max": null,
"min": null,
"show": true
},
{
"format": "short",
"label": null,
"logBase": 1,
"max": null,
"min": null,
"show": true
}
],
"yaxis": {
"align": false,
"alignLevel": null
}
},
{
"aliasColors": {},
"bars": false,
"dashLength": 10,
"dashes": false,
"datasource": "$ds",
"fieldConfig": {
"defaults": {
"custom": {}
},
"overrides": []
},
"fill": 1,
"fillGradient": 0,
"gridPos": {
"h": 7,
"w": 12,
"x": 0,
"y": 14
},
"hiddenSeries": false,
"id": 9,
"legend": {
"avg": false,
"current": false,
"max": false,
"min": false,
"show": true,
"total": false,
"values": false
},
"lines": true,
"linewidth": 1,
"nullPointMode": "null",
"options": {
"dataLinks": []
},
"percentage": false,
"pointradius": 2,
"points": false,
"renderer": "flot",
"seriesOverrides": [],
"spaceLength": 10,
"stack": false,
"steppedLine": false,
"targets": [
{
"appInsights": {
"dimension": "none",
"metricName": "select",
"rawQuery": false,
"rawQueryString": "",
"timeColumn": "timestamp",
"timeGrain": "auto",
"valueColumn": ""
},
"azureLogAnalytics": {
"query": "Perf\r\n| where ObjectName == \"Memory\" and \r\n (CounterName == \"Available MBytes Memory\" or // the name used in Linux records\r\n CounterName == \"Available MBytes\") // the name used in Windows records\n| where $__contains(Computer, $computer)\n| where TimeGenerated >= $__timeFrom() and TimeGenerated <= $__timeTo()\n| summarize avg(CounterValue) by bin(TimeGenerated, $__interval), Computer \n| order by TimeGenerated asc",
"resultFormat": "time_series",
"workspace": "$workspace"
},
"azureMonitor": {
"aggOptions": [],
"dimensionFilter": "*",
"metricDefinition": "select",
"metricName": "select",
"metricNamespace": "select",
"resourceGroup": "select",
"resourceName": "select",
"timeGrain": "auto",
"timeGrains": [],
"top": "10"
},
"queryType": "Azure Log Analytics",
"refId": "A",
"subscription": "44693801-6ee6-49de-9b2d-9106972f9572"
}
],
"thresholds": [],
"timeFrom": null,
"timeRegions": [],
"timeShift": null,
"title": "Memory - Available MBytes",
"tooltip": {
"shared": true,
"sort": 0,
"value_type": "individual"
},
"type": "graph",
"xaxis": {
"buckets": null,
"mode": "time",
"name": null,
"show": true,
"values": []
},
"yaxes": [
{
"format": "short",
"label": null,
"logBase": 1,
"max": null,
"min": null,
"show": true
},
{
"format": "short",
"label": null,
"logBase": 1,
"max": null,
"min": null,
"show": true
}
],
"yaxis": {
"align": false,
"alignLevel": null
}
},
{
"aliasColors": {},
"bars": false,
"dashLength": 10,
"dashes": false,
"datasource": "$ds",
"fieldConfig": {
"defaults": {
"custom": {}
},
"overrides": []
},
"fill": 1,
"fillGradient": 0,
"gridPos": {
"h": 7,
"w": 12,
"x": 12,
"y": 14
},
"hiddenSeries": false,
"id": 10,
"legend": {
"avg": false,
"current": false,
"max": false,
"min": false,
"show": true,
"total": false,
"values": false
},
"lines": true,
"linewidth": 1,
"nullPointMode": "null",
"options": {
"dataLinks": []
},
"percentage": false,
"pointradius": 2,
"points": false,
"renderer": "flot",
"seriesOverrides": [],
"spaceLength": 10,
"stack": false,
"steppedLine": false,
"targets": [
{
"appInsights": {
"dimension": "none",
"metricName": "select",
"rawQuery": false,
"rawQueryString": "",
"timeColumn": "timestamp",
"timeGrain": "auto",
"valueColumn": ""
},
"azureLogAnalytics": {
"query": "Perf\r\n| where ObjectName == \"Memory\" and \r\n (CounterName == \"% Used Memory\" or // the name used in Linux records\r\n CounterName == \"% Committed Bytes In Use\") // the name used in Windows records\n| where $__contains(Computer, $computer)\n| where TimeGenerated >= $__timeFrom() and TimeGenerated <= $__timeTo()\n| summarize avg(CounterValue) by bin(TimeGenerated, $__interval), Computer \n| order by TimeGenerated asc",
"resultFormat": "time_series",
"workspace": "$workspace"
},
"azureMonitor": {
"aggOptions": [],
"dimensionFilter": "*",
"metricDefinition": "select",
"metricName": "select",
"metricNamespace": "select",
"resourceGroup": "select",
"resourceName": "select",
"timeGrain": "auto",
"timeGrains": [],
"top": "10"
},
"queryType": "Azure Log Analytics",
"refId": "A",
"subscription": "44693801-6ee6-49de-9b2d-9106972f9572"
}
],
"thresholds": [],
"timeFrom": null,
"timeRegions": [],
"timeShift": null,
"title": "Memory - % Used Memory",
"tooltip": {
"shared": true,
"sort": 0,
"value_type": "individual"
},
"type": "graph",
"xaxis": {
"buckets": null,
"mode": "time",
"name": null,
"show": true,
"values": []
},
"yaxes": [
{
"format": "short",
"label": null,
"logBase": 1,
"max": null,
"min": null,
"show": true
},
{
"format": "short",
"label": null,
"logBase": 1,
"max": null,
"min": null,
"show": true
}
],
"yaxis": {
"align": false,
"alignLevel": null
}
},
{
"alert": {
"alertRuleTags": {},
"conditions": [
{
"evaluator": {
"params": [
96525
],
"type": "gt"
},
"operator": {
"type": "and"
},
"query": {
"params": [
"A",
"5m",
"now"
]
},
"reducer": {
"params": [],
"type": "avg"
},
"type": "query"
}
],
"executionErrorState": "alerting",
"for": "5m",
"frequency": "1m",
"handler": 1,
"name": "Disk - Free Megabytes alert",
"noDataState": "no_data",
"notifications": []
},
"aliasColors": {},
"bars": false,
"dashLength": 10,
"dashes": false,
"datasource": "${DS_AZURE_MONITOR}",
"fieldConfig": {
"defaults": {
"custom": {}
},
"overrides": []
},
"fill": 1,
"fillGradient": 0,
"gridPos": {
"h": 7,
"w": 12,
"x": 0,
"y": 21
},
"hiddenSeries": false,
"id": 11,
"legend": {
"avg": false,
"current": false,
"max": false,
"min": false,
"show": true,
"total": false,
"values": false
},
"lines": true,
"linewidth": 1,
"nullPointMode": "null",
"options": {
"dataLinks": []
},
"percentage": false,
"pointradius": 2,
"points": false,
"renderer": "flot",
"seriesOverrides": [],
"spaceLength": 10,
"stack": false,
"steppedLine": false,
"targets": [
{
"appInsights": {
"dimension": "none",
"metricName": "select",
"rawQuery": false,
"rawQueryString": "",
"timeColumn": "timestamp",
"timeGrain": "auto",
"valueColumn": ""
},
"azureLogAnalytics": {
"query": "Perf\r\n| where ObjectName == \"LogicalDisk\" or // the object name used in Windows records\r\n ObjectName == \"Logical Disk\" // the object name used in Linux records\r\n| where CounterName == \"Free Megabytes\"\r\n| where TimeGenerated >= $__timeFrom() and TimeGenerated <= $__timeTo()\n| summarize avg(CounterValue) by bin(TimeGenerated, $__interval), Computer \n| order by TimeGenerated asc",
"resultFormat": "time_series",
"workspace": "a2c1b44e-3e57-4410-b027-6cc0ae6dee67"
},
"azureMonitor": {
"aggOptions": [],
"dimensionFilter": "*",
"metricDefinition": "select",
"metricName": "select",
"metricNamespace": "select",
"resourceGroup": "select",
"resourceName": "select",
"timeGrain": "auto",
"timeGrains": [],
"top": "10"
},
"queryType": "Azure Log Analytics",
"refId": "A",
"subscription": "44693801-6ee6-49de-9b2d-9106972f9572"
}
],
"thresholds": [
{
"colorMode": "critical",
"fill": true,
"line": true,
"op": "gt",
"value": 96525
}
],
"timeFrom": null,
"timeRegions": [],
"timeShift": null,
"title": "Disk - Free Megabytes Alert",
"tooltip": {
"shared": true,
"sort": 0,
"value_type": "individual"
},
"type": "graph",
"xaxis": {
"buckets": null,
"mode": "time",
"name": null,
"show": true,
"values": []
},
"yaxes": [
{
"format": "short",
"label": null,
"logBase": 1,
"max": null,
"min": null,
"show": true
},
{
"format": "short",
"label": null,
"logBase": 1,
"max": null,
"min": null,
"show": true
}
],
"yaxis": {
"align": false,
"alignLevel": null
}
},
{
"columns": [],
"datasource": "$ds",
"fieldConfig": {
"defaults": {
"custom": {}
},
"overrides": []
},
"fontSize": "100%",
"gridPos": {
"h": 9,
"w": 24,
"x": 0,
"y": 28
},
"id": 4,
"pageSize": null,
"scroll": true,
"showHeader": true,
"sort": {
"col": 0,
"desc": true
},
"styles": [
{
"alias": "Time",
"align": "auto",
"dateFormat": "YYYY-MM-DD HH:mm:ss",
"pattern": "Time",
"type": "date"
},
{
"alias": "",
"align": "auto",
"colorMode": null,
"colors": [
"rgba(245, 54, 54, 0.9)",
"rgba(237, 129, 40, 0.89)",
"rgba(50, 172, 45, 0.97)"
],
"decimals": 2,
"pattern": "/.*/",
"thresholds": [],
"type": "number",
"unit": "short"
}
],
"targets": [
{
"appInsights": {
"dimension": "none",
"metricName": "select",
"rawQuery": false,
"rawQueryString": "",
"spliton": "",
"timeColumn": "timestamp",
"timeGrain": "auto",
"timeGrainType": "auto",
"valueColumn": "",
"yaxis": ""
},
"azureLogAnalytics": {
"query": "Perf\r\n| where ObjectName == \"$object\" and CounterName == \"$metric\"\n| where TimeGenerated >= $__timeFrom() and TimeGenerated <= $__timeTo()\n| where $__contains(Computer, $computer)\n| order by TimeGenerated asc",
"resultFormat": "table",
"workspace": "$workspace"
},
"azureMonitor": {
"aggOptions": [],
"dimensionFilter": "*",
"metricDefinition": "select",
"metricName": "select",
"metricNamespace": "select",
"resourceGroup": "select",
"resourceName": "select",
"timeGrain": "auto",
"timeGrains": [],
"top": "10"
},
"hide": false,
"queryType": "Azure Log Analytics",
"refId": "B",
"subscription": "44693801-6ee6-49de-9b2d-9106972f9572"
}
],
"title": "General query with raw data",
"transform": "table",
"type": "table-old"
}
],
"refresh": false,
"schemaVersion": 24,
"style": "dark",
"tags": [],
"templating": {
"list": [
{
"current": {
"selected": false,
"text": "Azure Monitor",
"value": "Azure Monitor"
},
"hide": 0,
"includeAll": false,
"label": "Data Source",
"multi": false,
"name": "ds",
"options": [],
"query": "grafana-azure-monitor-datasource",
"refresh": 1,
"regex": "",
"skipUrlSync": false,
"type": "datasource"
},
{
"allValue": null,
"current": {},
"datasource": "${DS_AZURE_MONITOR}",
"definition": "subscriptions()",
"hide": 0,
"includeAll": false,
"label": null,
"multi": false,
"name": "subscription",
"options": [],
"query": "subscriptions()",
"refresh": 1,
"regex": "",
"skipUrlSync": false,
"sort": 0,
"tagValuesQuery": "",
"tags": [],
"tagsQuery": "",
"type": "query",
"useTags": false
},
{
"allValue": null,
"current": {},
"datasource": "${DS_AZURE_MONITOR}",
"definition": "workspaces($subscription)",
"hide": 0,
"includeAll": false,
"label": null,
"multi": false,
"name": "workspace",
"options": [],
"query": "workspaces($subscription)",
"refresh": 1,
"regex": "",
"skipUrlSync": false,
"sort": 0,
"tagValuesQuery": "",
"tags": [],
"tagsQuery": "",
"type": "query",
"useTags": false
},
{
"allValue": "all",
"current": {},
"datasource": "${DS_AZURE_MONITOR}",
"definition": "workspace(\"$workspace\").Heartbeat | distinct Computer",
"hide": 0,
"includeAll": true,
"label": null,
"multi": true,
"name": "computer",
"options": [],
"query": "workspace(\"$workspace\").Heartbeat | distinct Computer",
"refresh": 1,
"regex": "",
"skipUrlSync": false,
"sort": 0,
"tagValuesQuery": "",
"tags": [],
"tagsQuery": "",
"type": "query",
"useTags": false
},
{
"allValue": "all",
"current": {},
"datasource": "${DS_AZURE_MONITOR}",
"definition": "workspace(\"$workspace\").Perf | distinct ObjectName",
"hide": 0,
"includeAll": false,
"label": null,
"multi": false,
"name": "object",
"options": [],
"query": "workspace(\"$workspace\").Perf | distinct ObjectName",
"refresh": 1,
"regex": "",
"skipUrlSync": false,
"sort": 0,
"tagValuesQuery": "",
"tags": [],
"tagsQuery": "",
"type": "query",
"useTags": false
},
{
"allValue": "all",
"current": {},
"datasource": "${DS_AZURE_MONITOR}",
"definition": "workspace(\"$workspace\").Perf | where ObjectName == \"$object\" | distinct CounterName",
"hide": 0,
"includeAll": false,
"label": null,
"multi": false,
"name": "metric",
"options": [],
"query": "workspace(\"$workspace\").Perf | where ObjectName == \"$object\" | distinct CounterName",
"refresh": 1,
"regex": "",
"skipUrlSync": false,
"sort": 0,
"tagValuesQuery": "",
"tags": [],
"tagsQuery": "",
"type": "query",
"useTags": false
}
]
},
"time": {
"from": "now-3h",
"to": "now"
},
"timepicker": {
"refresh_intervals": [
"5s",
"10s",
"30s",
"1m",
"5m",
"15m",
"30m",
"1h",
"2h",
"1d"
],
"time_options": [
"5m",
"15m",
"1h",
"6h",
"12h",
"24h",
"2d",
"7d",
"30d"
]
},
"timezone": "",
"title": "Azure Monitor Log Analytics",
"uid": "GESJARImz",
"version": 55
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment