Log Analytics Security View shows empty graphs sometimes #724
Comments
|
Hello @EvgeniaMartynova: Please follow the below steps and let me know if this resolves your issue. Step 1: Check if the log analytics workspace has been set correctly. To verify follow this FAQ. Step 2: If you are certain that events are being sent to the Log Analytics workspace but you are seeing blank views/no query results, you may need to extend the duration applicable to the queries. (This can be done using the 'Time range' selector next to the 'Run' button at the top of the query window.). Read more about this here. |
|
Hi Siniki, The duration is not a problem. In the CA scan logs I see sometimes an error that AzSK resource group is not found, I don't know whether it is related to the scan results not shown for some subscriptions from time to time in the LogAnalytics workspace. |
Title
Log Analytics Security View shows empty graphs sometimes
Description
Log Analytics Security View shows empty graphs sometimes though corresponding Kusto query for the view gives non-empty result set.
Steps to reproduce
Setup Log Analytics and CA for multiple automation accounts as described on the page:
https://github.com/azsk/DevOpsKit-docs/tree/master/04-Continous-Assurance
Expected behavior
'Security Monitoring using the AzSK' dashboards shows graphs and tables corresponding to the scan results
Actual behavior
'Security Monitoring using the AzSK' dashboards shows sometimes empty graphs.
However if I click on the "see all" link below it shows non empty result set:
The text was updated successfully, but these errors were encountered: