Create an Alert when Data Collection is Higher than Expected


This section describes how to create an alert if:

  • Data volume exceeds a specified amount.
  • Data volume is predicted to exceed a specified amount.
Azure Alerts support log alerts that use search queries.
The following query has a result when there is more than 100 GB of data collected in the last 24 hours:
union withsource = $table Usage | where
QuantityUnit == "MBytes" and iff(isnotnull(toint(IsBillable)),
IsBillable == true, IsBillable == "true") == true | extend Type =
$table | summarize DataGB = sum((Quantity / 1024)) by Type | where DataGB >
4 | where TimeGenerated >= ago(30d)

When you receive an alert, use the steps in the following link to troubleshoot why usage is higher than expected or if you would like full detail on this topic visit https://docs.microsoft.com/en-us/azure/log-analytics/log-analytics-usage#create-an-alert-when-data-collection-is-higher-than-expected

For general feedback on the Resource Center or content, please submit your response to UserVoice. For specific requests and content updates regarding the Services Hub, contact our Support Team to submit a case.