none
Export entire log and schedule frequent backups RRS feed

  • Question

  • Hi together,

    I just wondered if it is possible to do the following things with Azure Log Analytics

    • Export the entire log to a database. Use Case here: any kind of incident happened and we want to do forensic work on a snapshot of the entire log
    • Schedule regular backups on a custom interval. Use Case here: we are required to have backups of the logs

    I wasn't able to find answers to those specific topics. Many thanks for any hints in advance :) 



    • Edited by CodeMonk3y Monday, January 13, 2020 8:15 PM
    Monday, January 13, 2020 8:15 PM

Answers

  • Thanks for reaching out!  AFAIK, you can export the log analytics data either to CSV file or PowerBI .

    There is another way to export data to storage account where you will query your workspace for required logs and then use Logic App to send data to your Azure blog storage. This approach requires minimal code and azure storage account acts as a backup.( I can share further steps on how to do if you are interested in backing up data to storage account).

    Please note that  Azure Monitor team are rolling out a new capability which will allow you to continuously export your logs to a storage account, it is still in private preview which includes only East US, West Europe and Central Canada locations. Basically, any new data arriving at Log Analytics ingestion endpoint, which is targeted to tables you selected, will be exported to your Storage Account hourly.

    And also, we are gonna include further documentation of Log analytics BCDR features that are available today and this information will be available in coming months.

    If you are looking to back up log analytics data to database, I would suggest you to provide the feedback here directly with responsible Azure team.

    Hope this helps!


    Thursday, January 16, 2020 8:57 AM
    Moderator

All replies

  • Thanks for reaching out!  AFAIK, you can export the log analytics data either to CSV file or PowerBI .

    There is another way to export data to storage account where you will query your workspace for required logs and then use Logic App to send data to your Azure blog storage. This approach requires minimal code and azure storage account acts as a backup.( I can share further steps on how to do if you are interested in backing up data to storage account).

    Please note that  Azure Monitor team are rolling out a new capability which will allow you to continuously export your logs to a storage account, it is still in private preview which includes only East US, West Europe and Central Canada locations. Basically, any new data arriving at Log Analytics ingestion endpoint, which is targeted to tables you selected, will be exported to your Storage Account hourly.

    And also, we are gonna include further documentation of Log analytics BCDR features that are available today and this information will be available in coming months.

    If you are looking to back up log analytics data to database, I would suggest you to provide the feedback here directly with responsible Azure team.

    Hope this helps!


    Thursday, January 16, 2020 8:57 AM
    Moderator
  • Hi, thanks for the answer. 

    It would be great if you could provide an example of how to use a Logic App to extract all Log Analytics data to a Storage Account. This would satisfy our needs for now. :)

    The new capability you were talking about sounds great too. This would be the target situation for us. 

    Kind regards!

    Friday, January 17, 2020 3:40 PM
  • Can you please send mail to Azcommunity@microsoft.com with MSDN link (for business context) so that I can share the steps ?
    Tuesday, January 21, 2020 4:57 AM
    Moderator