Auxliliary Logs
Split log streams into Analytics and Auxiliary Table
English
Logging
Azure
Log Analytics
Expert
In the last article we found out that KQL transformation at ingestion time is not available for Auxiliary Logs. But in real cases you want to have the ability to send selective log lines to Analytics while sending the rest to Auxiliary.
Remap column names in Data Collection Rules (DCR)
English
Logging
Azure
Log Analytics
Expert
In real world scenarios you have a data source with field names which are not identical to those in your table. Beside of renaming the fields in your agent which sending logs also Data Collection Rules provide the ability to map fields with transformkql.
Auxiliary Logs in Azure Log Analytics
English
Logging
Azure
Log Analytics
Expert
Microsoft provides a new type of Log Analytics tables called Auxiliary Logs. Currently this is in Public Preview and I did some lab testing which I documented in this blog post.