Queries for the ADGSyslogEvent table

For information on using these queries in the Azure portal, see Log Analytics tutorial. For the REST API, see Query.

Get Syslog from last day

Get 100 syslog events from last day.

ADGSyslogEvent
| where TimeGenerated >= ago(1d)
| project TimeGenerated, NVAResourceId, NVARegion, Msg
| order by TimeGenerated desc
| take 100