Home > database >  Joining logs from 2 Azure Log Analytics workspaces
Joining logs from 2 Azure Log Analytics workspaces

Time:12-16

I'm using the Azure SDK for Python to query a log Analytics workspace.

I have 2 workspaces I'd like to query, but I was wondering if there is a way to union the data inside the query instead of querying both workspaces and combining the result objects within my Python program.

Something like this -

from azure.monitor.query import LogsQueryClient

client = LogsQueryClient(creds)

query = """
TableName // Table from the current workspace
| union ExteralTableName // Table from a different workspace
"""

client.query_workspace("<current_workspace_id>", query, timespan="...")

The identity that executes this query will have permissions to query both workspaces separately, and I have their URLs.

I couldn't find this option in the Log Analytics documentation, so I'm wondering if anyone else has done this before, or if I must process the data after It's sent back to me.

Thanks in advance!

CodePudding user response:

I did some further digging of the SDK source and found this nice example which does exactly what I want.

If you end up using this, it seems that the result is a union of the results from both of the workspaces - the results are not separated to different result tables.

CodePudding user response:

You should be able to make cross-workspace queries like explained here in detail: https://learn.microsoft.com/en-us/azure/azure-monitor/logs/cross-workspace-query

Page link:https//www.codepudding.com/database/644217.html

Prev:Downgrading Azure Resources during weekends using PowerShell Automation
Next:AZURE Web App Service Plan and AKS Cluster in same Subscription possible?
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding