Log Analytics.md

Log Analytics examples

Across all data types

[Chart the record-count per table in the last 5 hours](~/examples/Log Analytics/Chart the record-count per table in the last 5 hours.md)

[Count all logs collected over the last hour, per type](~/examples/Log Analytics/Count all logs collected over the last hour per type.md)

AzureDiagnostics

[Count Azure diagnostics records per category](~/examples/Log Analytics/Count Azure diagnostics records per category.md)

[Get a random record for each unique category](~/examples/Log Analytics/Get a random record for each unique category.md)

[Get the latest record per category](~/examples/Log Analytics/Get the latest record per category.md)

Usage

[Calculate the average size of perf usage reports per computer](~/examples/Log Analytics/Calculate the average size of perf usage reports per computer.md)

[Timechart latency percentiles 50 and 95](~/examples/Log Analytics/Timechart latency percentiles 50 and 95.md)

[Usage of computer today](~/examples/Log Analytics/Usage of computers today.md)

Heartbeat

[Chart a week-over-week view of the number of computers sending data](~/examples/Log Analytics/Chart a week-over-week view of the number of computers sending data.md)

[Find stale computers](~/examples/Log Analytics/Find stale computers.md)

[Get latest heartbeat record per computer IP](~/examples/Log Analytics/Get latest heartbeat record per computer IP.md)

[Match protection and heartbeat records](~/examples/Log Analytics/Match protection status records with heartbeat records.md)

[Calculate availability rate for connected servers](~/examples/Log Analytics/Server availability rate.md)

Updates

[Computers still missing updates](~/examples/Log Analytics/Computers still missing updates.md)

ProtectionStatus

[Computers with non-reporting protection status duration](~/examples/Log Analytics/Computers with non-reporting protection status duration.md)

[Match protection and heartbeat records](~/examples/Log Analytics/Match protection status records with heartbeat records.md)

NetworkMonitoring

[Computers with unhealthy latency](~/examples/Log Analytics/Computers with unhealthy latency.md)

Perf

[Correlate computer memory and CPU](~/examples/Log Analytics/Correlate computer memory and cpu.md)

[Perf CPU Utilization graph per computer](~/examples/Log Analytics/Perf CPU Utilization graph per computer.md)

Alert

[Count alerts by severity per day](~/examples/Log Analytics/Count and chart alerts severity per day.md)

[Get a numbered list of the latest alerts](~/examples/Log Analytics/Get a numbered list of the latest alerts.md)

SecurityEvent

[Count security events by activity ID](~/examples/Log Analytics/Count security events by activity ID.md)

[Count security events related to permissions](~/examples/Log Analytics/Count security events related to permissions.md)

[Find accounts that failed to logon from computers on which we identify a security detection](~/examples/Log Analytics/Find accounts that failed to logon from computers on which we identify a security detection.md)

[Is my security data available](~/examples/Log Analytics/Is my security data available.md)

[Parse activity name and ID](~/examples/Log Analytics/Parse activity name and ID.md)

[Processes that used explicit credentials](~/examples/Log Analytics/Pie chart explicit credentials processes.md)

[Top 5 running processes in the last 3 days](~/examples/Log Analytics/Top 5 running processes in the last 3 days.md)

[Find repeating failed login attempts by the same account from different IPs](~/examples/Log Analytics/Find repeating failed login attempts by the same account from different IPs.md)

[Find user accounts that failed to login over 5 time in 1 day](~/examples/Log Analytics/Find user accounts that failed to login over 5 time in 1 day.md)

Event

[Search application-level events described as Cryptographic](~/examples/Log Analytics/Search application-level events described as Cryptographic.md)

[Search events related to unmarshaling](~/examples/Log Analytics/Search events related to unmarshaling.md)