Skip to content
This repository has been archived by the owner on Nov 9, 2023. It is now read-only.

Azure Logs

Hessam Shahriari edited this page Feb 4, 2020 · 6 revisions

All container logs are stored as JSON in Docker’s data directory. These logs are captured by Microsoft’s Operations Management Suite that is running as docker containers through Nomad’s system job scheduler:

Nomad file: azure-log.hcl

nomad_systemjob

To query these logs you need to access Azure Portal using your Penn A1 account: https://portal.azure.com/ Then navigate to resource groups, and go to use2-uphs-pennsignals-onprem-logs RG:

1Xup3E_44dLX2YwZW1oK6tF6nyDYe6s3QFTGYIQ8

To view a summary of all containers navigate to Containers(on-prem-workspace) solution and then click on View Summary under Container Monitoring Solution, then click on the piechart to expand the dashboard.

1Ma8V4cDzoqO-3dykV2XNc6t_ZDNxmO1Aa9GCjOA

To view and Query logs, go back to use2-uphs-pennsignals-onprem-logs resource group and then click on on-prem-workspace. Then from the sidebar click on Logs:

1N7J4ihv9uH-EHcqILOgJBZWhnFDHcKss5B-qmmw

You can run queries in the query pane window and then export as CSV. To access some of the saved queries as a starting point, click on Query Explorer and click on Saved queries:

1MLB0cNnsbUEpxvonq_AE-zwtZkbbHKUJZwkdlIU

Azure Log Analytics uses KQL that provides an extensive set of functions to enhance the ability to find and extract content from logs. The list of functions can be found in the Microsoft's documentation.

Sample Queries:

  • Get ventcue logs:
ContainerLog | sort by TimeGenerated desc | where Name contains "vent-cue" 
  • Get ventcue staging logs that is running on node uphsvlndc145:
ContainerLog | sort by TimeGenerated desc 
| where Name contains "vent-cue" 
| where Image == "uphsvlndc145"
  • Get ventcue logs and extract timestamp from the log message and project it as a separate column:
ContainerLog | sort by TimeGenerated desc 
| where Name contains "vent-cue"
| project timeStamp=substring(LogEntry, 0, 34), vent-logs=LogEntry 
Clone this wiki locally