Skip to content

Commit

Permalink
Adding example queries
Browse files Browse the repository at this point in the history
  • Loading branch information
noakup committed Jun 23, 2020
1 parent 288cec6 commit c3e1574
Show file tree
Hide file tree
Showing 391 changed files with 3,525 additions and 0 deletions.
1 change: 1 addition & 0 deletions Azure Services/API Management services/Alerts/README
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Put alerts in this folder
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
// Author: Microsoft Azure
// Display name: Cache hit ratio
// Description: Statistics of Cache hit/miss ratio.
// Categories: ['resources']
// Resource types: ['API Management services']
// Topic: Diagnostics
ApiManagementGatewayLogs
| where TimeGenerated > ago(1d)
| summarize Cache_Miss=countif(Cache == "miss"), Cache_Hit=countif(Cache == "hit") by bin(TimeGenerated, 15m)
| extend Ratio=Cache_Hit / (Cache_Hit + Cache_Miss)
| project-away Cache_Hit , Cache_Miss
| render timechart
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
// Author: Microsoft Azure
// Display name: Client TLS versions
// Description: Breakdown of client TLS versions in the last 24 hours.
// Categories: ['resources']
// Resource types: ['API Management services']
// Topic: Diagnostics
ApiManagementGatewayLogs
| where TimeGenerated > ago(1d)
| summarize count(CorrelationId) by ClientTlsVersion, _ResourceId
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
// Author: Microsoft Azure
// Display name: Error reasons breakdown
// Description: Breakdown of all error reasons in the last 24 hours.
// Categories: ['resources']
// Resource types: ['API Management services']
// Topic: Errors
ApiManagementGatewayLogs
| where TimeGenerated > ago(1d)
| where IsRequestSuccess == false
| summarize count(CorrelationId) by LastErrorReason, _ResourceId
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
// Author: Microsoft Azure
// Display name: Get failed requests due to issues not related to the backend
// Description: Get the logs of failed requests due to issues not related to the backend (e.g., API Mangement policies configuration, rate limit exceeded, client disconnection).
// Categories: ['resources']
// Resource types: ['API Management services']
// Topic: Errors
ApiManagementGatewayLogs
| where TimeGenerated > ago(1d)
| where IsRequestSuccess == false
| where isnull(BackendResponseCode) or BackendResponseCode < 400
| where ResponseCode >= 400
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
// Author: Microsoft Azure
// Display name: Get failed requests due to issues related to the backend
// Description: Get the logs of failed requests due to backend issues.
// Categories: ['resources']
// Resource types: ['API Management services']
// Topic: Errors
ApiManagementGatewayLogs
| where TimeGenerated > ago(1d)
| where IsRequestSuccess == false
| where BackendResponseCode >= 400
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
// Author: Microsoft Azure
// Display name: Last 100 failed requests
// Description: Get the logs of the last 100 failed requests.
// Categories: ['resources']
// Resource types: ['API Management services']
// Topic: Errors
ApiManagementGatewayLogs
| where TimeGenerated > ago(1d)
| where IsRequestSuccess == false
| top 100 by TimeGenerated desc| where ResponseCode >= 400
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
// Author: Microsoft Azure
// Display name: Backend latency
// Description: Statistics of time (in miliseconds) spent in backend IO.
// Categories: ['resources']
// Resource types: ['API Management services']
// Topic: Latency
ApiManagementGatewayLogs
| where TimeGenerated > ago(1d)
| summarize Average=avg(BackendTime), Median=percentile(BackendTime, 50), 90th_Percentile=percentile(BackendTime, 90) by bin(TimeGenerated, 15m)
| render timechart
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
// Author: Microsoft Azure
// Display name: Client latency
// Description: Statistics of time (in miliseconds) spent in client IO.
// Categories: ['resources']
// Resource types: ['API Management services']
// Topic: Latency
ApiManagementGatewayLogs
| where TimeGenerated > ago(1d)
| summarize Average=avg(ClientTime), Median=percentile(ClientTime, 50), 90th_Percentile=percentile(ClientTime, 90) by bin(TimeGenerated, 15m)
| render timechart
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
// Author: Microsoft Azure
// Display name: Overall latency
// Description: Statistics of overall latency (in miliseconds) between the time API Mangement starts receiving a request and the time API Management finishes sending the response back to the client.
// Categories: ['resources']
// Resource types: ['API Management services']
// Topic: Latency
ApiManagementGatewayLogs
| where TimeGenerated > ago(1d)
| summarize Average=avg(TotalTime), Median=percentile(TotalTime, 50), 90th_Percentile=percentile(TotalTime, 90) by bin(TimeGenerated, 15m)
| render timechart
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
// Author: Microsoft Azure
// Display name: Bandwidth consumed
// Description: Total bandwidth consumed in the last 24 hours.
// Categories: ['resources']
// Resource types: ['API Management services']
// Topic: Performance
ApiManagementGatewayLogs
| where TimeGenerated > ago(1d)
| extend bandwidth = RequestSize + ResponseSize
| summarize sum(bandwidth) by bin(TimeGenerated, 1m), _ResourceId
| render timechart
1 change: 1 addition & 0 deletions Azure Services/API Management services/Queries/README
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Put queries in this folder
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
// Author: Microsoft Azure
// Display name: Logs of the last 100 calls
// Description: Get the logs of the most recent 100 calls in the last 24 hours.
// Categories: ['resources']
// Resource types: ['API Management services']
// Topic: Usage
ApiManagementGatewayLogs
| top 100 by TimeGenerated desc
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
// Author: Microsoft Azure
// Display name: Number of calls by APIs
// Description: View the number of calls per API in the last 24 hours.
// Categories: ['resources']
// Resource types: ['API Management services']
// Topic: Usage
//Calls by API ID
ApiManagementGatewayLogs
| where TimeGenerated > ago(1d)
| summarize count(CorrelationId) by ApiId
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
// Author: Microsoft Azure
// Display name: Number of requests
// Description: Count the total number of calls across all APIs in the last 24 hours.
// Categories: ['resources']
// Resource types: ['API Management services']
// Topic: Usage
//Total number of call per resource
ApiManagementGatewayLogs
| where TimeGenerated > ago(1d)
| summarize count(CorrelationId) by _ResourceId
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
// Author: Microsoft Azure
// Display name: Request sizes
// Description: Statistics of request sizes in the last 24 hours.
// Categories: ['resources']
// Resource types: ['API Management services']
// Topic: Usage
ApiManagementGatewayLogs
| where TimeGenerated > ago(1d)
| summarize Average=avg(RequestSize), Median=percentile(RequestSize, 50), 90th_Percentile=percentile(RequestSize, 90) by bin(TimeGenerated, 1m)
| render timechart
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
// Author: Microsoft Azure
// Display name: Response sizes
// Description: Statistics of response sizes in the last 24 hours.
// Categories: ['resources']
// Resource types: ['API Management services']
// Topic: Usage
ApiManagementGatewayLogs
| where TimeGenerated > ago(1d)
| summarize Average=avg(ResponseSize), Median=percentile(ResponseSize, 50), 90th_Percentile=percentile(ResponseSize, 90) by bin(TimeGenerated, 1m)
| render timechart
1 change: 1 addition & 0 deletions Azure Services/API Management services/Workbooks/README
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Put workbooks in this folder
1 change: 1 addition & 0 deletions Azure Services/App Services/Alerts/README
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Put alerts in this folder
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
// Author: Microsoft Azure
// Display name: App logs for each App Service
// Description: Breakdown of log levels for each App Service.
// Categories: ['resources']
// Resource types: ['App Services']
// Topic: App Logs
AppServiceAppLogs
| project AppName = extract("(/[A-Z0-9-]+$)", 0, _ResourceId ), CustomLevel
| summarize count() by CustomLevel, AppName
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
// Author: Microsoft Azure
// Display name: Count app logs by severity
// Description: Bar chart of app log severities over time.
// Categories: ['resources']
// Resource types: ['App Services']
// Topic: App Logs
AppServiceAppLogs
| summarize count() by CustomLevel, bin(TimeGenerated, 1h)
| render barchart
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
// Author: Microsoft Azure
// Display name: Audit Logs relating to unexpected users
// Description: List Audit Logs for users who logged in that aren't a listed user.
// Categories: ['resources']
// Resource types: ['App Services']
// Topic: Audit Logs
AppServiceAuditLogs
| where UserDisplayName != "[email protected]"
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
// Author: Microsoft Azure
// Display name: File Audit Logs relating to a "Delete" operation
// Description: List File Audit Logs that has a "Delete" operation.
// Categories: ['resources']
// Resource types: ['App Services']
// Topic: Audit Logs
AppServiceFileAuditLogs
| where OperationName == "Delete"
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
// Author: Microsoft Azure
// Display name: Line chart of response times
// Description: Time series of mean response time (over 5 minute intervals).
// Categories: ['resources']
// Resource types: ['App Services']
// Topic: Azure Metrics
AzureMetrics
| extend timeBin = bin(TimeGenerated, 5m)
| summarize ResponseTime = sumif(Average, MetricName=="AverageResponseTime") by timeBin, bin(TimeGenerated, 1h)
| sort by TimeGenerated desc
| render timechart
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
// Author: Microsoft Azure
// Display name: Pie chart of HTTP response codes
// Description: Breakdown of response codes for each metric, over the last 12 hours.
// Categories: ['resources']
// Resource types: ['App Services']
// Topic: Azure Metrics
AzureMetrics
| where TimeGenerated > ago(12h)
| where MetricName in ("Http2xx", "Http3xx", "Http4xx", "Http5xx")
| summarize sum(Total) by MetricName
| render piechart
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
// Author: Microsoft Azure
// Display name: Find console logs relating to application startup
// Description: List console logs that contain the term "starting".
// Categories: ['resources']
// Resource types: ['App Services']
// Topic: Console logs
AppServiceConsoleLogs
| where tolower(ResultDescription) contains "starting"
1 change: 1 addition & 0 deletions Azure Services/App Services/Queries/README
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Put queries in this folder
1 change: 1 addition & 0 deletions Azure Services/App Services/Workbooks/README
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Put workbooks in this folder
1 change: 1 addition & 0 deletions Azure Services/Application Insights/Alerts/README
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Put alerts in this folder
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
// Author: Microsoft Azure
// Display name: Page views trend
// Description: Chart the page views count, during the last day.
// Categories: ['applications']
// Resource types: ['Application Insights']
// Topic: Browsing data
pageViews
| where client_Type == 'Browser'
| summarize count_sum = sum(itemCount) by bin(timestamp,30m)
| render timechart
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
// Author: Microsoft Azure
// Display name: Slowest pages
// Description: What are the 3 slowest pages, and how slow are they?
// Categories: ['applications']
// Resource types: ['Application Insights']
// Topic: Browsing data
pageViews
| where notempty(duration) and client_Type == 'Browser'
| extend total_duration=duration*itemCount
| summarize avg_duration=(sum(total_duration)/sum(itemCount)) by operation_Name
| top 3 by avg_duration desc
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
// Author: Microsoft Azure
// Display name: Top 3 browser exceptions
// Description: What were the highest reported exceptions today?
// Categories: ['applications']
// Resource types: ['Application Insights']
// Topic: Browsing data
exceptions
| where notempty(client_Browser) and client_Type == 'Browser'
| summarize total_exceptions = sum(itemCount) by problemId
| top 3 by total_exceptions desc
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
// Author: Microsoft Azure
// Display name: Operations performance
// Description: Calculate request count and duration by operations.
// Categories: ['applications']
// Resource types: ['Application Insights']
// Topic: Performance
requests
| summarize RequestsCount=sum(itemCount), AverageDuration=avg(duration), percentiles(duration, 50, 95, 99) by operation_Name // you can replace 'operation_Name' with another value to segment by a different property
| order by RequestsCount desc // order from highest to lower (descending)
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
// Author: Microsoft Azure
// Display name: Request count trend
// Description: Chart Request count over the last day.
// Categories: ['applications']
// Resource types: ['Application Insights']
// Topic: Performance
requests
| summarize totalCount=sum(itemCount) by bin(timestamp, 30m)
| render timechart
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
// Author: Microsoft Azure
// Display name: Response time buckets
// Description: Show how many requests are in each performance-bucket.
// Categories: ['applications']
// Resource types: ['Application Insights']
// Topic: Performance
requests
| summarize requestCount=sum(itemCount), avgDuration=avg(duration) by performanceBucket
| order by avgDuration asc // sort by average request duration
| project-away avgDuration // no need to display avgDuration, we used it only for sorting results
| render barchart
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
// Author: Microsoft Azure
// Display name: Response time trend
// Description: Chart request duration over the last 12 hours.
// Categories: ['applications']
// Resource types: ['Application Insights']
// Topic: Performance
requests
| where timestamp > ago(12h)
| summarize avgRequestDuration=avg(duration) by bin(timestamp, 10m) // use a time grain of 10 minutes
| render timechart
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
// Author: Microsoft Azure
// Display name: Top 10 countries by traffic
// Description: Chart the amount of requests from the top 10 countries.
// Categories: ['applications']
// Resource types: ['Application Insights']
// Topic: Performance
requests
| summarize CountByCountry=count() by client_CountryOrRegion
| top 10 by CountByCountry
| render piechart
1 change: 1 addition & 0 deletions Azure Services/Application Insights/Queries/README
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Put queries in this folder
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
// Author: Microsoft Azure
// Display name: Exceptions causing request failures
// Description: Find which exceptions led to failed requests in the past hour.
// Categories: ['applications']
// Resource types: ['Application Insights']
// Topic: Reports failures
requests
| where timestamp > ago(1h) and success == false
| join kind= inner (
exceptions
| where timestamp > ago(1h)
) on operation_Id
| project exceptionType = type, failedMethod = method, requestName = name, requestDuration = duration
Loading

0 comments on commit c3e1574

Please sign in to comment.