如何使用 Kusto 访问 Azure Function 应用程序代码 logging() 消息?
How to use Kusto to access Azure Function app code logging() message?
我有一个 Python Azure Functions,它有一堆 Python logging.error()/logging.info() 消息。我喜欢这种方法(我是 Python 的新手)因为我可以查看 运行 历史并查看有关 运行.
的关键信息
Azure 函数 运行 历史如下所示:
示例 1:
此 Kusto 查询为我提供了关于给定 运行 的 基础知识 ,但 none 的细节
requests
| project timestamp, id, operation_Name, success, resultCode, duration, operation_Id, cloud_RoleName, invocationId=customDimensions['InvocationId']
| where timestamp > ago(6d)
| where cloud_RoleName =~ 'functionAppName' and operation_Name =~ 'functionName'
| order by timestamp asc
输出:
示例 2:
此查询获取我需要的所有详细信息,但我必须定义 operation_id 和 InvocationId
union traces
| union exceptions
| where timestamp > ago(30d)
| where operation_Id == '<biglongstring>'
| where customDimensions['InvocationId'] == '<biglongstring1>'
| order by timestamp asc
| project timestamp, message = iff(message != '', message, iff(innermostMessage != '', innermostMessage, customDimensions.['prop__{OriginalFormat}'])), logLevel = customDimensions.['LogLevel']
输出:
我需要查询在这些 logging() 消息中找到的特定关键字。
如何使用 Kusto 查询执行此操作?
您可以使用任何 string search operators, such as "has". If your logging message follows a certain convention you can use the parse 运算符将相关数据提取到列中。
以下是最终对我有用的东西。
| where message contains "specific string in logging" 是关键。这里 message 有我正在寻找的日志记录字符串。
union traces
| union exceptions
| where timestamp > ago(30d)
| where message contains "specific string in logging"
| order by timestamp asc
| project timestamp, message = iff(message != '', message, iff(innermostMessage != '', innermostMessage, customDimensions.['prop__{OriginalFormat}'])), logLevel = customDimensions.['LogLevel']
我有一个 Python Azure Functions,它有一堆 Python logging.error()/logging.info() 消息。我喜欢这种方法(我是 Python 的新手)因为我可以查看 运行 历史并查看有关 运行.
Azure 函数 运行 历史如下所示:
示例 1:
此 Kusto 查询为我提供了关于给定 运行 的 基础知识 ,但 none 的细节
requests
| project timestamp, id, operation_Name, success, resultCode, duration, operation_Id, cloud_RoleName, invocationId=customDimensions['InvocationId']
| where timestamp > ago(6d)
| where cloud_RoleName =~ 'functionAppName' and operation_Name =~ 'functionName'
| order by timestamp asc
输出:
示例 2:
此查询获取我需要的所有详细信息,但我必须定义 operation_id 和 InvocationId
union traces
| union exceptions
| where timestamp > ago(30d)
| where operation_Id == '<biglongstring>'
| where customDimensions['InvocationId'] == '<biglongstring1>'
| order by timestamp asc
| project timestamp, message = iff(message != '', message, iff(innermostMessage != '', innermostMessage, customDimensions.['prop__{OriginalFormat}'])), logLevel = customDimensions.['LogLevel']
输出:
我需要查询在这些 logging() 消息中找到的特定关键字。
如何使用 Kusto 查询执行此操作?
您可以使用任何 string search operators, such as "has". If your logging message follows a certain convention you can use the parse 运算符将相关数据提取到列中。
以下是最终对我有用的东西。
| where message contains "specific string in logging" 是关键。这里 message 有我正在寻找的日志记录字符串。
union traces
| union exceptions
| where timestamp > ago(30d)
| where message contains "specific string in logging"
| order by timestamp asc
| project timestamp, message = iff(message != '', message, iff(innermostMessage != '', innermostMessage, customDimensions.['prop__{OriginalFormat}'])), logLevel = customDimensions.['LogLevel']