Kusto: Query to get http status codes
I am trying to query Azure container apps to create a custom alert for when there is an Http status code of 400.
I am new to kusto. I attempted the below query:
CIEventsAudit
| where StatusCode == 400
| sort by TimeGenerated desc
| limit 100
Your query attempt is on the right track. CIEventsAudit is the table to be used for retrieving the http status code logs for container apps.
The below query which you already tried gives you the logs that are limited to the count100 when they are having http status code 400. And sort the logs in the descending order wrt TimeGenerated field.
CIEventsAudit
| where StatusCode == 400
| sort by TimeGenerated desc
| limit 100
Alternatively, you can also use below query to achieve your requirement.
CIEventsAudit
| where OperationName contains "HttpRequest"
| where OperationStatus == 400
| sort by TimeGenerated desc
| limit 100
Once you are done with adding either of the above queries, you can create an alert rule with custom log search signal as shown below.
Under Actions, provide the necessary action group details to meet your requirements.
- logs not appearing in Application Insights for Azure Functions v4 with .NET 8
- Application Insights Logging Exceptions as Trace
- Native Node.js Metrics in Application Insights
- How to find non distinct/duplicate messages in Azure Application Insights?
- Application insights misunderstanding sampling data
- Some Azure function logs are missing from Application Insights
- Application Insights KQL query - not in sub query
- Using LogMetric in an Azure Function 8.0 isolated mode
- Logging BeginScope with Azure Application Insights
- Terraform Hidden Links for Azure Function App
- What additional benefits can Sentry.IO provide over Application Insights for ASP.NET Core?
- Isolated function app does not log traces but only information
- Logs logging twice in application insights when used Serilog in Azure Function app .NET 6
- Using Application Insights with Unit Tests?
- Using Azure AppInsights in a Nodejs Express Azure WebApp Application
- How do I create an Azure workbook that accepts a time range in UTC?
- Use Application Insight with ASP API Core
- How to monitor a Windows Service on an Azure VM?
- Live Metrics Displaying <Empty Role> in Application Insights
- NLog not writing to ApplicationInsightsTarget in ASP.NET Core
- Azure AKS with Managed Identity can not write to Application Insights
- How to connect Rust Web App to application insights?
- ExceptionFilterAttribute may not be logging exceptions in ApplicationInsights
- Is Application Insight logging, happening in background?
- Unable to see my log messages below than Warning on Azure Monitor
- Azure Function Serilog Not Writing to App Insights
- Given an Applications Insight Instrumentation key, get the name of the service in Azure
- Azure Application Insights does not show C# ILogger logs
- Kusto query to project json data
- Query Azure Application Insights CustomEvents in Azure function in C#.Net