Share via
- Article
Note
You can enjoy the benefit of IT Health and On-Demand Assessments with your Premier agreement by purchasing a RAP as a Service subscription. Contact your Microsoft representative for more information.
The new and improved Azure Log Analytics announced recently provides a powerful query language with built-in Smart Analytics.
To make the best use of the enhancements, we have provided few queries tomake sense of your assessments data using the new query language.
Try the new query language:
Ramp-Up in 5 minutes with our query language cheat sheet.
Visit Getting Started with Queries to learn how to write new queries.
Use the Query Language Reference for details on functions, operators, and types.
Check out our tutorials on Working with String, and Date and Time Operations to learn about data types.
Use aggregations to get insights on your data.
Relevant Queries
Get Assessment Log Data for a Particular Computer
- Operation | where Computer == "ContosoADDS1.ContosoRetail.com" |summarize arg_max(TimeGenerated, *) by OperationCategory, Solution, Detail
Check the Status of a Solution for Various Operation Categories on AllComputers
Check whether Operations such as Assessment Target Check, .NET Check, IsLocal Administrator Check etc. were successful or not.
Operation | where Solution =="SQLAssessment" | summarizearg_max(TimeGenerated, *) by Computer, OperationCategory | sort byTimeGenerated desc , OperationStatus asc
For an Assessment, get all Affected Objects and when they were Accessed
- SQLAssessmentRecommendation | summarize AggregatedValue =max(TimeGenerated) by AffectedObjectName | sort by AggregatedValue desc
Check for Recommendation Data Available for an Assessment or Not
- SQLAssessmentRecommendation | summarize Result = count() > 0(returns atrue or false value based on whether data is available or not)
To Get Details for a Particular Recommendation Id that Failed
- SQLAssessmentRecommendation | where RecommendationId=="7821eda2-c420-4920-bc0c-ca8cd1d48482" and RecommendationResult=="Failed"
Get Prioritized list of Failed Recommendations
- This lists the failed recommendations for unique combinations ofRecommendationId and AffectedObjectUniqueName for the latest run of anAssessment.
- ADAssessmentRecommendation | summarize arg_max(TimeGenerated, *) byRecommendationId, AffectedObjectUniqueName |where RecommendationResult =="Failed" | sort by RecommendationScore desc, TimeGenerated desc
Refer use of arg_max as mentioned in query 1 above.
Get Details Related to Recommendations that Failed for a ParticularAffected Object
- SQLAssessmentRecommendation | where AffectedObjectName =="ContosoMABSVM1.CONTOSORETAIL.COM" | summarize arg_max(TimeGenerated, *)by RecommendationId | where RecommendationResult == "Failed"
Feedback
Was this page helpful?