Sections and cards on the Overview tab for a Log Analytics alert in Health Log Analytics

  • Release version: Australia
  • Updated March 12, 2026
  • 1 minute to read

    • The Overview tab in Health Log Analytics helps you understand Log Analytics alerts.

    For a detailed description of Log Analytics alerts, see Types of Health Log Analytics alerts.

    Summary

    Identified issue

    This card describes the issue that led to the alert. The identified issue appears on the card and in the title for the alert. Information about the alert appears in the banner.

    Figure 1. Identified issue
    Identified issue appears here and in alert title.

    Select Details for more information about the alert.

    Select View surrounding logs to view the log lines that were generated one minute before and one minute after the alert. See Analyze log lines that surround an anomaly in Health Log Analytics.

    Anomaly

    This card illustrates the anomalous activity that led to the alert.

    The chart shows:
    • Recent anomalous activity
    • Expected behavior (the learned baseline)
    • Baseline values from one day earlier
    • Baseline values from the previous week
    In this example, the system tracks the baseline rate (the average number of events per minute) for a specific log pattern. When this typically inactive log generates a spike in events, the system detects the deviation from the baseline and generates an alert.
    Figure 2. Anomaly card
    Anomaly card identifies and illustrates anomalous behavior.

    In this example, the blue line represents the current average number of events per minute. The orange-shaded area represents the baseline values for the same hour in the previous week.

    Figure 3. Anomaly card with baseline values one week earlier
    Baseline values for same hour in previous week.

    For more information on the kinds of anomalies that you might encounter, see Types of anomalous behavior in Health Log Analytics.

    Impact

    Configuration Items
    This card provides information about the CIs that are impacted by the alert.
    Impacted services
    This card provides information about the services that are impacted by the alert.
    Figure 4. Impact section
    Impact section provides information on the impacted CIs and services.

    Cause

    Meaningful log properties
    On this card, each bar chart shows the distribution of values for a single log property that contributed to the anomaly. Each property value is associated with a color. The length of a color bar correlates to the percentage that the property value holds in comparison with all other values for the property.
    Figure 5. Meaningful log properties
    Meaningful log properties shows relative frequency of occurrence for property values.