Sections and cards on the Overview tab for a Log Analytics group
The Overview tab in the Service Operations Workspace helps you understand Log Analytics groups.
For a detailed description of Log Analytics groups, see Types of Health Log Analytics alerts.
Summary
- Identified issue
This card describes the issue that led to the alert. The identified issue appears on the card and in the title for the alert. Information about the alert appears in the banner.
Figure 1. Identified issue
Select View correlations to view the list of correlations that relate the Log Analytics alerts.
- Correlations list
During initial analysis, alerts are scored. Each correlation in the alert's log data with another alert contributes to the score. The higher the score, the more likely the alert is to be included as a Log Analytics alert in a Log Analytics group.
The following kinds of data are considered when determining whether alerts are correlated:
- Time: The events all occurred within a configured time interval.
- Metadata: The alerts have matching values in log-line metadata. For example, all alerts involve the same host.
- Message text: The message text in the log data is similar or identical between alerts.
- Trend: The alerts show a similar tendency in values or rates. For example, a particular metric value is increasing in all alerts.
Figure 2. Correlations
- List of correlations: The first correlation in the list is expanded to show the individual Log Analytics alerts that are correlated and the log correlator that the alerts share.
- An individual log correlator: The identifier for a group of correlated Log Analytics alerts. The alerts are grouped by the log-line data or metadata that is common to the alerts (for example, IP address, host name, or user name). The number in the blue square indicates the number of correlated alerts.
- Log Analytics alerts that are correlated.
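The following Python example is added here to illustrate the four kinds of data listed above; it is not ServiceNow's scoring algorithm, which this page does not specify. The alert fields, the 5-minute window, the 0.8 text-similarity threshold, and the rule of one point per correlation are assumptions, and the sample alerts are constructed.

```python
from datetime import datetime, timedelta
from difflib import SequenceMatcher
from itertools import combinations

# Constructed sample alerts (not real product data); field names are hypothetical.
ALERTS = [
    {"id": "A1", "time": "2024-05-01T10:00:00", "host": "web01",
     "message": "Connection pool exhausted for db-primary", "values": [10, 20, 35]},
    {"id": "A2", "time": "2024-05-01T10:02:00", "host": "web01",
     "message": "Connection pool exhausted for db-replica", "values": [5, 9, 14]},
    {"id": "A3", "time": "2024-05-01T10:04:00", "host": "web02",
     "message": "Connection pool exhausted for db-primary", "values": [7, 6, 8]},
    {"id": "A4", "time": "2024-05-01T13:30:00", "host": "mail01",
     "message": "Disk usage above threshold on /var", "values": [90, 85, 80]},
]

WINDOW = timedelta(minutes=5)   # assumed "configured time interval"
TEXT_THRESHOLD = 0.8            # assumed cut-off for "similar" message text

def trend(values):
    """+1 if strictly increasing, -1 if strictly decreasing, otherwise 0."""
    signs = {(b > a) - (b < a) for a, b in zip(values, values[1:])}
    return signs.pop() if len(signs) == 1 else 0

def correlations(a, b):
    """Return the kinds of data on which two alerts correlate."""
    kinds = set()
    ta, tb = datetime.fromisoformat(a["time"]), datetime.fromisoformat(b["time"])
    if abs(ta - tb) <= WINDOW:
        kinds.add("time")
    if a["host"] == b["host"]:          # matching log-line metadata
        kinds.add("metadata")
    if SequenceMatcher(None, a["message"], b["message"]).ratio() >= TEXT_THRESHOLD:
        kinds.add("message text")
    if trend(a["values"]) != 0 and trend(a["values"]) == trend(b["values"]):
        kinds.add("trend")
    return kinds

def score_alerts(alerts):
    """Each correlation with another alert adds one point to both alerts."""
    scores = {a["id"]: 0 for a in alerts}
    for a, b in combinations(alerts, 2):
        n = len(correlations(a, b))
        scores[a["id"]] += n
        scores[b["id"]] += n
    return scores
```

With these constructed alerts, A1 and A2 correlate on all four kinds of data, A3 correlates with both on time and message text only, and A4 has no correlations and scores zero.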
- Alerts in group
For a Log Analytics alert, the Alerts in group card shows the Log Analytics alerts that are grouped under the Log Analytics alert. Select a Log Analytics alert to view its details.
Figure 3. Alerts in group
Select View all to view the list of all Log Analytics alerts in the group and relevant information about them. You can also view the Alerts in group list by selecting the Related records tab and then selecting Alerts in group. For more information, see View the list of Log Analytics alerts in a Log Analytics group.
Impact
- Configuration Items
This card provides information about the CIs that are impacted by the alert.
- Impacted services
This card provides information about the services that are impacted by the alert.
Figure 4. Impact section