![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(67.2, 0%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
Azure Data Explorer
An Azure data analytics service for real-time analysis on large volumes of data streaming from sources including applications, websites, and internet of things devices.
561 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(195.2, 50%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVR%3C/text%3E%3C/svg%3E)
Hi @Souvik Saha Choudhary
To address missing logs in your Azure Log Analytics Workspace linked to Azure Data Explorer, the following resources will be useful:
- Check Diagnostic Settings: Ensure that the diagnostic settings for your Azure resources are configured correctly to send logs to the right Log Analytics Workspace. Verify that the necessary log categories are selected for collection.
- Verify Workspace Setup: Double-check that your Log Analytics Workspace is set up in the correct subscription and region. Any issues here might prevent logs from being ingested.
- Check Log Types and Retention: Confirm that the correct types of logs are being sent to your Log Analytics Workspace. Also, ensure that the retention settings are properly configured so that logs are not prematurely deleted before you can query them.
- Be Aware of Column Limits: The AzureDiagnostics table has a limit of 500 columns. If this limit is exceeded, some logs might not be captured. Review your columns to ensure you are not hitting this limit.
- Use KQL to Search Logs: Utilize Kusto Query Language (KQL) to effectively query logs. For example, you can use the query
AzureDiagnostics | where TimeGenerated > ago(30d)to find logs from the last month. To explore all available tables, useunion * | summarize count() by $table. - Check Permissions: Make sure you have the necessary permissions to view all logs. This is especially important if your resources and workspace are in different subscriptions.
- Monitor Ingestion Delays: Check the Usage tab in Log Analytics Workspace Insights to monitor data ingestion and identify any delays. Delays in log ingestion can affect the availability of logs.
For more information refer to Microsoft's documentation:
I hope this helps. Please let us know if you have any further questions.
Kindly consider upvoting the comment if the information provided is helpful. This can assist other community members in resolving similar issues.