我在具有筛选器的自定义指标上有一个Azure监视器警报。这是“自定义日志查询”的样子:
customMetrics
| where name == 'MyMetricName'
| where cloud_RoleInstance == 'MyInstanceName'
| summarize AggregatedValue = sum(valueCount) by bin(timestamp, 5m)
我想在sum(valueCount)== 0时收到警告。为此,我指定“ Metric measurement” =>“ Less than” =>1。一旦运行运行该指标的服务,它就可以正常工作。停止时,将没有指标,并且上面的查询不会返回任何记录-这就是Kusto中聚合功能的工作方式。因此,该警报将永远不会触发:(。关于如何使其达到警报的任何想法?
答案 0 :(得分:2)
您可以考虑的一种选择是将summarize切换为make-series,然后指定kind=nonempty
https://docs.microsoft.com/en-us/azure/kusto/query/make-seriesoperator
答案 1 :(得分:0)
我只是按照Yoni的建议组合了系列,并提出了这个变体。我在我的Perf日志分析表之一上尝试了此方法,并且该方法有效。 请检查这种情况,并告诉我。
let data = customMetrics
| where name == 'MyMetricName'
| where cloud_RoleInstance == 'MyInstanceName'
| make-series kind = nonempty SumValue= sum(CounterValue) on timestamp from ago(30m) to now() step 5m // checking 30m interval this will equal assuming alert period = 30m
| mvexpand timestamp, SumValue
| where SumValue <= 1 // Filtering those 5 min time intervals where there is no data
| project todatetime(timestamp) , SumValue;
data
| summarize AggregatedValue = count() by bin(timestamp, 30m) // This will also be equal to alert period assuming 30 minutes