Azure Log Search Alerts - How to configure emails to show top 10 results

Question

No doubt I will lose more points for asking the wrong question or something but I'm a bit stuck on an Azure Log Alerts issue.

For one application we have an email log search alert setup with a query which sends an email to a group any time we get an exception.

We have a seemingly identical one for another application but the key difference is one sends the top 10 results in the email and the other one doesn't. How can I configure my application such that I don't need to open up Azure Portal in order to see the log details?

Answer 1

How can I configure my application such that I don't need to open up Azure Portal in order to see the log details?

Azure Log Analytics alerts don't inherently include detailed log data in email notifications.

However, you can work around this limitation by using Azure Logic Apps.

Create a new Logic App in the Azure Portal by following the steps here.

Add a trigger for When a HTTP request is received This will be your trigger point. follow the link to create HTTP trigger in Logic App

Add a step to run your Log Analytics query using the "HTTP" action or the Azure Log Analytics connector.

Add a step to format the email using the "Send an email" action, in the email body, include the results from the Log Analytics query, Follow the MS doc for more details.

This way, when an alert is triggered, Logic App will run the query and send an email with the top 10 results with details in CSV file as below.