question

ALGOURDINErwan-7278 avatar image
0 Votes"
ALGOURDINErwan-7278 asked learn2skills commented

how to import custom log in Azure log analytics workspace ?

i make a powershell query export from security log as RawDATA, i put response in .txt file.
when i import this file in Log analytics workspace i havent response form my query.

need to know how to parse data or what i do wrong

thank you for answer


Cordially

azure-monitormicrosoft-sentinel
· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

If this answers your query, do click Accept Answer and Up-Vote for the same. And, if you have any further query do let us know.

0 Votes 0 ·

To follow-up, Please let us know if you have further query on this.
Please don’t forget to Accept the answer

0 Votes 0 ·

1 Answer

learn2skills avatar image
0 Votes"
learn2skills answered JamesTran-MSFT commented

Hi @ALGOURDINErwan-7278

Use the following procedure to define a custom log file. Scroll to the end of this article for a walkthrough of a sample of adding a custom log.
https://docs.microsoft.com/en-us/azure/azure-monitor/agents/data-sources-custom-logs#defining-a-custom-log

Parse text data in Azure Monitor logs
https://docs.microsoft.com/en-us/azure/azure-monitor/logs/parse-text



If the Answer is helpful, please click Accept Answer and up-vote, this can be beneficial to other community members.


· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

@ALGOURDINErwan-7278
I just wanted to check in and see if you had any other questions or if you were able to resolve this issue?

If you have any other questions, please let me know.
Thank you for your time and patience throughout this issue.


Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.

0 Votes 0 ·