cancel
Showing results for 
Search instead for 
Did you mean: 

From Azure Log Analytics to an alert dashboard in PowerApps

After reviewing the Azure Log Analytics connector and working a lot with Azure Log Analytics, I have chosen to create a concept to use Kusto queries and displaying the results on a dashboard in a power app. This concept has not been implemented in production and is merely an example of how to combine Azure connectors with Flow and PowerApps.

Design.pngWhen looking at the design, three big components are used:

>> PowerApps – dashboard – Trigger for the flows

>> Microsoft Flow – Connection between Azure Log Analytics workspace and the Power App.

>> The "Log Analytics" workspace that contains logs of Azure resources.

 

In this example, a virtual machine that points to a Log Analytics workspace and collects all of the performances and security parameters of the virtual machine.

 

Before building the power app and flows, homework needs to be done in Azure. In this case, all the connectors in Flow will use a service principal to connect to the Azure Tenant and use the lowest privilege access rules.

 

In the Azure Portal, go to Azure AD and select "App registrations" in this blade click "New registration". Creating an app registration for the Log Analytics access in  Azure.

Flow09-05.pngApp registrations

Flow09-06.png

Give a name for the app application service principal name.

Flow09-07.png

When the app registration has been performed a secret need to be created. Select and click "Certificates & secrets" and click "New client secret". Make note of the password that has been created.

Flow09-08.png

The Client ID, Client Secret, and Tenant ID will be used to authenticate the Azure Log Analytics connector in Flow to the Azure tenant. When this has been completed the development will proceed towards the power app. 
For the API permissions for Log Analytics and the tenant, permissions need to set.

LogAnalytics_API.pngAPI permissions

For Log Analytics API, admin consent is required and need to be enabled.

Log Analytics workspace and Azure VM's that have diagnostics settings enabled. 
LogAnalytics_Perf.png

The power app contains a simple gallery that displays the result of each Kusto query. Using a control timer, that function as a trigger for the Flow to get the results from the Log Analytics workspace. The flow will be triggered as the timer starts, and the timer is starting automatically and restarts every time the refresh time runs out.

Two screens have been created to display alerts for high CPU levels and Windows Updates for the virtual machine. This is how the screens are looking in the power app editor:

Flow09-01.pngAlerts dashboardFlow09-02.pngWindows updates dashboard

Within the timer property value, "OnTimerStart" following code has been added:

  • ClearCollect(Alerts,LogAnalyticsCPU.Run()) >> Gallery will be connected to the collection "Alerts
  • ClearCollect(WindowsUpdates,'LogAnalyticsWU'.Run()) >> Gallery will be connected to the collection "Windows Updates" 

One of the Flows that will be triggered from out of the power app, is "Log Analytics CPU"

The Flow is triggered by the power app, the action "Run query and list results" from the Azure Log Analytics connector will run the Kusto query. 

FlowCPU-01.png

Authentication of the Azure Log Analytics connector will be done by an app application service principal that has been created in one of the previous steps: Flow09-09.png

Entering the correct client ID, tenant ID and client secret and clicking "Create" will connect the action to the given tenant and subscription, resource group and log analytics workspace can be selected. 

FlowCPU-02.png

In the next two steps a filter will select only the information that we need to send back to the power app. 
Because of the array, "Response HTTP" is used to send the information back towards the power app.
This is the JSON schema used to send the information:

{
    "type""array",
    "items": {
"type""object",
        "properties": {
            "HostName": {
                "type""string"
            },
            "AvgCPU": {
                "type""number"
            }
        },
        "required": [
            "HostName",
            "AvgCPU"
        ]
    }
}

The same flow has been used for Windows Updates, but with a different Kusto query. See flow below:

FlowCPU-04.png

Screenshot of the Windows update result for the virtual machine:

2019-05-28 16_18_06-.gif

This will be the same for alerts when the CPU is higher than 75%.

Hope you Like & Share this article! Please ask any questions in the comments below!
Thanks for reading! 

Meet Our Blog Authors
  • Working daily with Microsoft Cloud to deliver the needs of my company, my customers and various Microsoft communities and forums. | Office 365 | Flow | PowerShell | PowerApps | SharePoint |
  • Co-founder of https://plumsail.com, Office 365 and SharePoint expert. Passionate about design and development of easy to use, convenient and flexible products.
  • Microsoft Business Apps MVP. Owner of ThriveFast, an Office 365 consulting company.
  • 7x Microsoft Business Solutions MVP (CRM)
  • Solution Architect with Slalom, and organizer of the Boston Office 365 User Group, and long term SharePoint/Office 365 veteren. Find more at http://www.davidlozzi.com. Follow @DavidLozzi
  • I'm keen in MS technologies, SharePoint, Office 365 and development for them
  • Daniel is a Business Productivity Consultant & Microsoft Business Solutions MVP who is very enthusiastic about all things Office 365, Microsoft Flow, PowerApps, Azure & SharePoint (Online). Since the preview, Daniel has been working with Microsoft Flow and later on with Microsoft PowerApps. That led to him being awarded an MVP Award for Business Solutions. He loves to blog, present and evangelize about improving productivity in the modern workspace with these amazing tools!
  • Michelle is an Office 365 solution architect in Twin Cities, MN. She has been delivering business collaboration solutions for years with her focus on SharePoint and Office 365. Michelle is a recent board member of the Minnesota Office 365 User Group and has been a member of the SharePoint community since 2009. She is a frequent speaker at MNSPUG and SharePoint Saturday and co-chaired the Legal SharePoint User Group for 4 years. Her most frequent projects have involved rolling out a large deployment of Office 365, SharePoint Online intranet, build of a "CHAMPS" Office 365 user adoption program and most recently, SharePoint On-Premise to Online Migration. Michelle is very excited about cloud technology as it is shifting her IT Pro focus to collaboration strategy and technical adoption.
  • I'm a Microsoft Office Servers and Services MVP with a special interest in SharePoint, Office 365, Microsoft Flow, Microsoft Teams and PowerApps. I work at Triad Group Plc ( https://triad.co.uk)
>