Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
For information on using these queries in the Azure portal, see Log Analytics tutorial. For the REST API, see Query.
Log severity analysis
Analyze log distribution by severity level and service over the last hour.
OTelLogs
| where TimeGenerated > ago(1h)
| summarize
LogCount = count(),
UniqueTraces = dcount(TraceId),
UniqueSpans = dcount(SpanId),
SampleBodies = take_any(Body, 3)
by ServiceName, SeverityText, SeverityNumber
| extend SeverityLevel = case(
SeverityNumber <= 4, "Debug",
SeverityNumber <= 8, "Info",
SeverityNumber <= 12, "Warn",
SeverityNumber <= 16, "Error",
"Fatal"
)
| order by SeverityNumber desc, LogCount desc
| project ServiceName, SeverityText, SeverityLevel, SeverityNumber, LogCount, UniqueTraces, UniqueSpans, SampleBodies
| limit 100