aid: azure-log-analytics name: Azure Log Analytics description: Azure Log Analytics is a service that helps you collect and analyze data generated by resources in your cloud and on-premises environments, providing query, management, and data collection APIs for monitoring and analytics. type: Index image: https://kinlane-productions.s3.amazonaws.com/apis-json/apis-json-logo.jpg tags: - Analytics - Azure - Cloud - Logging - Monitoring url: https://raw.githubusercontent.com/api-evangelist/azure-log-analytics/refs/heads/main/apis.yml created: '2024-01-01' modified: '2026-05-19' specificationVersion: '0.19' apis: - aid: azure-log-analytics:azure-log-analytics-query-api name: Azure Log Analytics Query API description: API for querying logs and data collected in Azure Log Analytics workspaces using Kusto Query Language (KQL), supporting both workspace-scoped and cross-workspace queries. humanURL: https://learn.microsoft.com/en-us/azure/azure-monitor/logs/api/overview baseURL: https://api.loganalytics.azure.com/v1 tags: - Analytics - Logs - Query properties: - type: Documentation url: https://learn.microsoft.com/en-us/azure/azure-monitor/logs/api/overview - type: OpenAPI url: openapi/azure-log-analytics-query-api.yaml - type: APIReference url: https://learn.microsoft.com/en-us/azure/azure-monitor/logs/api/request-format - type: Authentication url: https://learn.microsoft.com/en-us/azure/azure-monitor/logs/api/access-api - type: Quickstart url: https://learn.microsoft.com/en-us/azure/azure-monitor/logs/log-analytics-tutorial - type: JSONSchema url: json-schema/query-api-query-body-schema.json - type: JSONSchema url: json-schema/query-api-query-results-schema.json - type: JSONLD url: json-ld/azure-log-analytics-query-api-context.jsonld - type: Example url: examples/query-api-query-body-example.json - type: Example url: examples/query-api-query-results-example.json - type: NaftikoCapability url: capabilities/query-query.yaml - aid: azure-log-analytics:azure-log-analytics-management-api name: Azure Log Analytics Management API description: API for managing Log Analytics workspaces, data sources, saved searches, linked services, storage insights, clusters, and tables through Azure Resource Manager. humanURL: https://learn.microsoft.com/en-us/rest/api/loganalytics/ baseURL: https://management.azure.com tags: - Configuration - Management - Workspaces properties: - type: Documentation url: https://learn.microsoft.com/en-us/rest/api/loganalytics/ - type: OpenAPI url: openapi/azure-log-analytics-management-api.yaml - type: APIReference url: https://learn.microsoft.com/en-us/rest/api/loganalytics/workspaces - type: JSONSchema url: json-schema/management-api-workspace-schema.json - type: JSONSchema url: json-schema/management-api-saved-search-schema.json - type: JSONLD url: json-ld/azure-log-analytics-management-api-context.jsonld - type: Example url: examples/management-api-workspace-example.json - type: Example url: examples/management-api-saved-search-example.json - type: NaftikoCapability url: capabilities/management-saved-searches.yaml - type: NaftikoCapability url: capabilities/management-tables.yaml - type: NaftikoCapability url: capabilities/management-workspaces.yaml - aid: azure-log-analytics:azure-log-analytics-ingestion-api name: Azure Log Analytics Ingestion API description: API for sending custom log data to Azure Log Analytics workspaces using data collection rules and endpoints, supporting both custom and Azure tables. humanURL: https://learn.microsoft.com/en-us/azure/azure-monitor/logs/logs-ingestion-api-overview baseURL: https://monitor.azure.com tags: - Data Collection - Ingestion - Logs properties: - type: Documentation url: https://learn.microsoft.com/en-us/azure/azure-monitor/logs/logs-ingestion-api-overview - type: OpenAPI url: openapi/azure-log-analytics-ingestion-api.yaml - type: Quickstart url: https://learn.microsoft.com/en-us/azure/azure-monitor/logs/tutorial-logs-ingestion-code - type: Authentication url: https://learn.microsoft.com/en-us/azure/azure-monitor/logs/logs-ingestion-api-overview#configuration - type: JSONSchema url: json-schema/ingestion-api-log-entry-schema.json - type: JSONLD url: json-ld/azure-log-analytics-ingestion-api-context.jsonld - type: Example url: examples/ingestion-api-log-entry-example.json - type: NaftikoCapability url: capabilities/ingestion-ingestion.yaml common: - type: Portal url: https://portal.azure.com/ - type: Documentation url: https://learn.microsoft.com/en-us/azure/azure-monitor/logs/log-analytics-overview - type: GettingStarted url: https://learn.microsoft.com/en-us/azure/azure-monitor/logs/log-analytics-tutorial - type: Pricing url: https://azure.microsoft.com/en-us/pricing/details/monitor/ - type: StatusPage url: https://status.azure.com/ - type: Support url: https://azure.microsoft.com/en-us/support/ - type: Blog url: https://azure.microsoft.com/en-us/blog/tag/azure-log-analytics/ - type: TermsOfService url: https://azure.microsoft.com/en-us/support/legal/ - type: PrivacyPolicy url: https://privacy.microsoft.com/en-us/privacystatement - type: GitHubOrganization url: https://github.com/Azure - type: GitHubRepository url: https://github.com/Azure/azure-rest-api-specs - type: CLI url: https://learn.microsoft.com/en-us/cli/azure/monitor/log-analytics - type: SDK url: https://pypi.org/project/azure-monitor-query/ title: Python SDK - type: SDK url: https://www.npmjs.com/package/@azure/monitor-query title: JavaScript SDK - type: SDK url: https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/monitor/query/azlogs title: Go SDK - type: SDK url: https://learn.microsoft.com/en-us/dotnet/api/overview/azure/Monitor.Query-readme title: .NET SDK - type: SDK url: https://learn.microsoft.com/en-us/java/api/overview/azure/monitor-query-readme title: Java SDK - type: RateLimits url: https://learn.microsoft.com/en-us/azure/azure-monitor/service-limits#query-api - type: SpectralRules url: rules/azure-log-analytics-spectral-rules.yml - type: Vocabulary url: vocabulary/azure-log-analytics-vocabulary.yaml - type: Features data: - name: Kusto Query Language description: Full KQL query language support for complex log analytics and data exploration across cloud and on-premises resources. - name: Custom Log Ingestion description: Send custom log data from any source using the Logs Ingestion API with data collection rules and transformations. - name: Workspace Management description: Create, configure, and manage Log Analytics workspaces including data sources, retention policies, and access control. - name: Saved Searches description: Save and reuse KQL queries across workspace sessions for consistent monitoring and reporting. - name: Data Collection Rules description: Define data collection pipelines with transformations that shape incoming data before it reaches the workspace. - name: Cross-Workspace Queries description: Query data across multiple Log Analytics workspaces in a single query for centralized analysis. - name: Simple Mode Queries description: Point-and-click spreadsheet-like query experience for users who do not need full KQL knowledge. - name: Alert Rule Integration description: Create alert rules directly from log queries to enable proactive monitoring and automated responses. - name: Workspace Failover description: Activate and deactivate failover for workspace disaster recovery and high availability. - name: Data Export description: Export query results to Excel, CSV, Power BI, and Grafana dashboards for external analysis. - type: UseCases data: - name: Infrastructure Monitoring description: Collect and analyze logs from virtual machines, containers, and network resources to monitor infrastructure health. - name: Security Investigation description: Query security events and audit logs to investigate incidents and detect threats across Azure resources. - name: Application Performance Monitoring description: Analyze application logs and telemetry to identify performance bottlenecks and errors. - name: Compliance Auditing description: Collect and retain audit logs to meet regulatory compliance requirements and generate compliance reports. - name: Custom Data Integration description: Ingest custom log data from third-party systems and on-premises resources using the Logs Ingestion API. - name: Cost Optimization description: Analyze resource usage patterns and log data to identify cost-saving opportunities across Azure deployments. - type: Integrations data: - name: Azure Monitor description: Core integration with Azure Monitor for unified observability across metrics, logs, and traces. - name: Microsoft Sentinel description: Feed log data into Microsoft Sentinel for SIEM and SOAR capabilities. - name: Azure Data Explorer description: Built on Azure Data Explorer engine, supports the same KQL query language for advanced analytics. - name: Power BI description: Export and visualize log query results in Power BI dashboards for business intelligence reporting. - name: Grafana description: Connect Azure Monitor Logs as a data source in managed Grafana dashboards for visualization. - name: Azure Workbooks description: Create interactive visual reports using log query results within Azure Workbooks. - name: Azure Automation description: Trigger automation runbooks based on log query results and alert rules. - name: Azure Logic Apps description: Integrate log analytics alerts with Logic Apps workflows for automated incident response. - name: Application Insights description: Combine application telemetry from Application Insights with infrastructure logs for full-stack observability. - name: Azure Resource Manager description: Manage Log Analytics resources programmatically through Azure Resource Manager REST APIs. maintainers: - FN: Kin Lane email: kin@apievangelist.com