通过

Azure Monitor 日志中支持转换的表

以下列表标识了 Log Analytics 工作区中支持转换的表。

Note

我们正在添加对更多表的支持。 请定期查看本文。

Table Limitations
AACAudit
AACHttpRequest
AADDomainServicesAccountLogon
AADDomainServicesAccountManagement
AADDomainServicesDirectoryServiceAccess
AADDomainServicesLogonLogoff
AADDomainServicesPolicyChange
AADDomainServicesPrivilegeUse
AADManagedIdentitySignInLogs
AADNonInteractiveUserSignInLogs
AADProvisioningLogs
AADRiskyUsers
AADServicePrincipalSignInLogs
AADUserRiskEvents
ABAPAuditLog
ABSBotRequests
ACSAuthIncomingOperations
ACSBillingUsage
ACSChatIncomingOperations
ACSSMSIncomingOperations
ADAssessmentRecommendation
AddonAzureBackupAlerts
AddonAzureBackupJobs
AddonAzureBackupPolicy
AddonAzureBackupProtectedInstance
AddonAzureBackupStorage
ADFActivityRun
ADFAirflowSchedulerLogs
ADFAirflowTaskLogs
ADFAirflowWebLogs
ADFAirflowWorkerLogs
ADFPipelineRun
ADFSandboxActivityRun
ADFSandboxPipelineRun
ADFSSignInLogs
ADFSSISIntegrationRuntimeLogs
ADFSSISPackageEventMessageContext
ADFSSISPackageEventMessages
ADFSSISPackageExecutableStatistics
ADFSSISPackageExecutionComponentPhases
ADFSSISPackageExecutionDataStatistics
ADFTriggerRun
ADPAudit
ADPDiagnostics
ADPRequests
ADReplicationResult
ADSecurityAssessmentRecommendation
ADTDigitalTwinsOperation
ADTModelsOperation
ADTQueryOperation
ADXCommand
ADXJournal
ADXQuery
ADXTableDetails
ADXTableUsageStatistics
AegDeliveryFailureLogs
AegPublishFailureLogs
AGWAccessLogs
AGWPerformanceLogs
AGWFirewallLogs
AirflowDagProcessingLogs
Alert
AlertEvidence
AlertInfo
AmlComputeClusterEvent
AmlComputeCpuGpuUtilization
AmlComputeInstanceEvent
AmlComputeJobEvent
AmlDataLabelEvent
AmlDataSetEvent
AmlDataStoreEvent
AmlDeploymentEvent
AmlEnvironmentEvent
AmlInferencingEvent
AmlModelsEvent
AmlOnlineEndpointConsoleLog
AmlPipelineEvent
AmlRunEvent
AmlRunStatusChangedEvent
Anomalies
ApiManagementGatewayLogs
AppAvailabilityResults
AppBrowserTimings
AppCenterError
AppDependencies
AppEvents
AppExceptions
AppMetrics
AppPageViews
AppPerformanceCounters
AppPlatformIngressLogs
AppPlatformLogsforSpring
AppPlatformSystemLogs
AppRequests
AppServiceAntivirusScanAuditLogs
AppServiceAppLogs
AppServiceAuditLogs
AppServiceConsoleLogs
AppServiceEnvironmentPlatformLogs
AppServiceFileAuditLogs
AppServiceHTTPLogs
AppServiceIPSecAuditLogs
AppServicePlatformLogs
AppSystemEvents
AppTraces
ASimAuditEventLogs
ASimAuthenticationEventLogs
ASimDhcpEventLogs
ASimDnsActivityLogs
ASimDnsAuditLogs
ASimFileEventLogs
ASimNetworkSessionLogs
ASimProcessEventLogs
ASimRegistryEventLogs
ASimUserManagementActivityLogs
ASimWebSessionLogs
AuditLogs
AutoscaleEvaluationsLog
AutoscaleScaleActionsLog
AWSCloudTrail
AWSCloudWatch
AWSGuardDuty
AWSVPCFlow
AZFWApplicationRule
AZFWApplicationRuleAggregation
AZFWDnsQuery
AZFWFatFlow
AZFWFlowTrace
AZFWIdpsSignature
AZFWInternalFqdnResolutionFailure
AZFWNatRule
AZFWNatRuleAggregation
AZFWNetworkRule
AZFWNetworkRuleAggregation
AZFWThreatIntel
AzureAssessmentRecommendation
AzureDevOpsAuditing
BehaviorAnalytics
BlockchainApplicationLog
BlockchainProxyLog
CDBCassandraRequests
CDBControlPlaneRequests
CDBDataPlaneRequests
CDBGremlinRequests
CDBMongoRequests
CDBPartitionKeyRUConsumption
CDBPartitionKeyStatistics
CDBQueryRuntimeStatistics
CloudAppEvents
CommonSecurityLog
ComputerGroup
ConfigurationChange
ConfigurationData 部分支持 - 有些数据是通过不受支持的内部服务引入的。
ContainerImageInventory
ContainerInventory
ContainerLog
ContainerLogV2
ContainerNodeInventory
ContainerRegistryLoginEvents
ContainerRegistryRepositoryEvents
ContainerServiceLog
CoreAzureBackup
DatabricksAccounts
DatabricksClusters
DatabricksDBFS
DatabricksFeatureStore
DatabricksGenie
DatabricksGlobalInitScripts
DatabricksInstancePools
DatabricksJobs
DatabricksMLflowAcledArtifact
DatabricksMLflowExperiment
DatabricksNotebook
DatabricksRemoteHistoryService
DatabricksSecrets
DatabricksSQLPermissions
DatabricksSSH
DatabricksWorkspace
DataverseActivity
DefenderForSqlAlerts
DefenderForSqlTelemetry
DeviceEvents
DeviceFileCertificateInfo
DeviceFileEvents
DeviceImageLoadEvents
DeviceInfo
DeviceLogonEvents
DeviceNetworkEvents
DeviceNetworkInfo
DeviceProcessEvents
DeviceRegistryEvents
DeviceTvmSecureConfigurationAssessment
DeviceTvmSecureConfigurationAssessmentKB
DeviceTvmSoftwareInventory
DeviceTvmSoftwareVulnerabilities
DeviceTvmSoftwareVulnerabilitiesKB
DnsEvents
DnsInventory
DummyHydrationFact
DynamicEventCollection
Dynamics365Activity
EmailAttachmentInfo
EmailEvents
EmailPostDeliveryEvents
EmailUrlInfo
Event 部分支持。 完全支持来自 Log Analytics 代理 (MMA) 或 Azure Monitor 代理 (AMA) 的数据。 通过 Azure 存储收集来自诊断扩展的数据。 不支持此路径。
ExchangeAssessmentRecommendation
ExchangeOnlineAssessmentRecommendation
FailedIngestion
FunctionAppLogs
GCPAuditLogs
GoogleCloudSCC
HDInsightAmbariClusterAlerts
HDInsightAmbariSystemMetrics
HDInsightHadoopAndYarnLogs
HDInsightHadoopAndYarnMetrics
HDInsightHBaseLogs
HDInsightHBaseMetrics
HDInsightHiveAndLLAPLogs
HDInsightHiveAndLLAPMetrics
HDInsightHiveTezAppStats
HDInsightKafkaLogs
HDInsightKafkaMetrics
HDInsightOozieLogs
HDInsightSecurityLogs
HDInsightSparkApplicationEvents
HDInsightSparkBlockManagerEvents
HDInsightSparkEnvironmentEvents
HDInsightSparkExecutorEvents
HDInsightSparkJobEvents
HDInsightSparkLogs
HDInsightSparkSQLExecutionEvents
HDInsightSparkStageEvents
HDInsightSparkStageTaskAccumulables
HDInsightSparkTaskEvents
HealthStateChangeEvent
HuntingBookmark
IdentityDirectoryEvents
IdentityInfo
IdentityLogonEvents
IdentityQueryEvents
InsightsMetrics 部分支持 - 有些数据是通过不受支持的内部服务引入的。
IntuneAuditLogs
IntuneDevices
IntuneOperationalLogs
KubeEvents
KubeHealth
KubeMonAgentEvents
KubeNodeInventory
KubePodInventory
KubePVInventory
KubeServices
LAQueryLogs
LinuxAuditLog
McasShadowItReporting
MCCEventLogs
MicrosoftAzureBastionAuditLogs
MicrosoftDataShareReceivedSnapshotLog
MicrosoftDataShareSentSnapshotLog
MicrosoftGraphActivityLogs
MicrosoftHealthcareApisAuditLogs
MicrosoftPurviewInformationProtection
NetworkAccessTraffic
NetworkMonitoring
NTAIpDetails
NTANetAnalytics
NTATopologyDetails
NWConnectionMonitorPathResult
NWConnectionMonitorTestResult
OfficeActivity
Perf
PowerAppsActivity
PowerAutomateActivity
PowerBIActivity
PowerBIDatasetsWorkspace
PowerPlatformAdminActivity
PowerPlatformConnectorActivity
PowerPlatformDlpActivity
ProcessInvestigator
ProjectActivity
ProtectionStatus
PurviewScanStatusLogs
RomeDetectionEvent
SCCMAssessmentRecommendation
SCOMAssessmentRecommendation
SecureScoreControls
SecureScores
SecurityAlert
SecurityBaseline
SecurityBaselineSummary
SecurityDetection
SecurityEvent 部分支持 - 完全支持来自 Log Analytics 代理 (MMA) 或 Azure Monitor 代理 (AMA) 的数据。 通过诊断扩展代理到达的数据是通过存储收集的,但不支持此路径。
SecurityIncident
SecurityIoTRawEvent
SecurityNestedRecommendation
SecurityRecommendation
SecurityRegulatoryCompliance
SentinelHealth
SfBAssessmentRecommendation
SfBOnlineAssessmentRecommendation
SharePointOnlineAssessmentRecommendation
SignalRServiceDiagnosticLogs
SigninLogs
SPAssessmentRecommendation
SQLAssessmentRecommendation
SqlAtpStatus
SQLSecurityAuditEvents
SqlThreatProtectionLoginAudits
SqlVulnerabilityAssessmentResult
SqlVulnerabilityAssessmentScanStatus
StorageBlobLogs
StorageFileLogs
StorageInsightsAccountPropertiesDaily
StorageInsightsDailyMetrics
StorageInsightsHourlyMetrics
StorageInsightsMonthlyMetrics
StorageInsightsWeeklyMetrics
StorageQueueLogs
StorageTableLogs
SucceededIngestion
SynapseBigDataPoolApplicationsEnded
SynapseBuiltinSqlPoolRequestsEnded
SynapseDXFailedIngestion
SynapseDXSucceededIngestion
SynapseGatewayApiRequests
SynapseIntegrationActivityRuns
SynapseIntegrationPipelineRuns
SynapseIntegrationTriggerRuns
SynapseRbacOperations
SynapseSqlPoolDmsWorkers
SynapseSqlPoolExecRequests
SynapseSqlPoolRequestSteps
SynapseSqlPoolSqlRequests
SynapseSqlPoolWaits
Syslog 部分支持 - 完全支持来自 Log Analytics 代理 (MMA) 或 Azure Monitor 代理 (AMA) 的数据。 通过诊断扩展代理到达的数据是通过存储收集的,但不支持此路径。
ThreatIntelligenceIndicator
TSIIngress
UCClient
UCClientReadinessStatus
UCClientUpdateStatus
UCDeviceAlert
UCDOAggregatedStatus
UCDOStatus
UCServiceUpdateStatus
UCUpdateAlert
Update 部分支持 - 有些数据是通过不受支持的内部服务引入的。
UpdateRunProgress
UpdateSummary
UrlClickEvents
W3CIISLog 部分支持 - 完全支持来自 Log Analytics 代理 (MMA) 或 Azure Monitor 代理 (AMA) 的数据。 通过诊断扩展代理到达的数据是通过存储收集的,但不支持此路径。
WaaSDeploymentStatus
WaaSInsiderStatus
WaaSUpdateStatus
Watchlist
WebPubSubConnectivity
WebPubSubHttpRequest
WebPubSubMessaging
WindowsClientAssessmentRecommendation
WindowsEvent
WindowsFirewall
WindowsServerAssessmentRecommendation
WireData 部分支持 - 有些数据是通过不受支持的内部服务引入的。
WorkloadDiagnosticLogs
WUDOAggregatedStatus
WUDOStatus
WVDAgentHealthStatus
WVDCheckpoints
WVDConnectionNetworkData
WVDConnections
WVDErrors
WVDFeeds
WVDHostRegistrations
WVDManagement
  • Last updated on