Azure Log Analytics Connector 1.0.0.0
The Azure Log Analytics Connector lets you run KQL queries against an Azure Log Analytics instance.
Prerequisites
- RunMyJobs 9.2.9 or later.
- Connection Management Extension 1.0.0.5 or later. Note that the Connection Management Extension will be installed or updated automatically if necessary when you install this Extension.
- Azure Connections Extension 1.0.0.3 or later (automatically installed by Catalog).
- Privileges Required to Use Azure Connections.
Note: This Connector supports Azure Connection configuration options.
Setup
To install the Azure Log Analytics Connector and create a Connection to Microsoft Entra (Azure AD):
-
To install the Azure Log Analytics Connector, click its tile in the Catalog, select the version you want, and then click Install <version number>.
Contents
| Object Type | Name |
|---|---|
| Folder | GLOBAL.Redwood.REDWOOD.AzureLogAnalytics |
| Job Definition | REDWOOD.Redwood_Azure_LogAnalytics_RunQuery_Template |
| Job Definition Type | REDWOOD.Redwood_Azure_LogAnalytics |
| Library | REDWOOD.Redwood_Azure_LogAnalytics |
Job Definitions
Redwood_Azure_LogAnalytics_RunQuery_Template
Template Job Definition for creating Job Definitions that query against Azure Log Analytics.
In addition to configuring these Parameters, you must specify a KQL query in the Source field. For a sample KQL query, see Querying Azure Log Analytics with a Template.
Parameters
| Tab | Name | Description | Documentation | Data Type | Direction | Default Expression | Values |
|---|---|---|---|---|---|---|---|
| Parameters | connection
|
Connection | The Azure AD Connection for Log Analytics. | String | In |
|
|
| Parameters | workspace
|
Workspace | The name of the workspace for Azure Log Analytics. | String | In |
|
|
| Parameters | queryTimeout
|
Query Timeout | The timeout (in seconds) for the query. 180 seconds by default, if not specified. Allows a maximum of 600 seconds. | Number | In |
|
|
| Parameters | outputFile
|
Output File | Contains the returned RTX output file. The columns in this file are the columns in the result of the KQL query. | String | Out |
|
|
Procedures
Querying Azure Log Analytics with a Template
To create a customized Job Definition, optionally with default values, for querying Azure Log Analytics:
-
Right-click the Redwood_Azure_LogAnalytics_RunQuery_Template Job Definition and choose New (from Template) from the context menu. The New Job Definition screen displays.
-
Choose a Partition.
-
Enter a Name.
-
Delete the default Folder value (if any) and substitute your own Folder name if desired.
-
In the Source field, enter the KQL query you want to execute. You can use input Parameters here if you want. For example, assume you have the following input Parameters:
-
tableName: Contains the name of the table to be queried. -
sortColumn: Contains the name of the column to sort on.
Given these two Parameters, you could enter the following KQL query in the Source field:
${tableName} | sort by ${sortColumn} -
-
In the Parameters tab, enter any Default Expressions you want to use.
-
When specifying the Connection value, use the format
EXTCONNECTION:<partition>.<connection name>.
-
-
Save and then submit the new Job Definition.