Query IIS Log to Align with Azure Application Insights
Query IIS Log to Align with Azure Application Insights
Azure Application Insights query targeting a local IIS log file via IIS Log Parser.
Kusto Query for AppInsights: requests
| where timestamp between(todatetime('2019-05-06T15:15:00.000')..todatetime('2019-05-06T15:22:00.000'))
| order by timestamp desc
| summarize count() by url
| order by count_
IIS Log Query Code:
SELECT cs-uri-stem AS Url,
FROM 'C:\users\xxxx\Documents\u_ex'
WHERE to_time(time) BETWEEN TIMESTAMP('15:15:00','hh🇲🇲ss') AND TIMESTAMP('15:22:00','hh🇲🇲ss')
AND DATE = '2019-05-06'
COUNT(*) AS Hits
GROUP BY cs-uri-stem
ORDER BY Hits DESC
Error handling for IIS query encountered.
Is the FROM targeting a specific selection of log files?
I looked into it a bit and found the conclusion differs from what I expected.
Maybe the proper syntax should be something like:
FROM 'C:\users\xxxx\Documents\u_ex*.log'
with the asterisk as a wildcard...
I also saw that the error mentioned
\Docments\
[My underline.]
Your code displays "FROM 'C:\users\xxxx\Documents\u_ex'", and "Documents" isn’t misspelled in your posted text.
Check the actual code running—verify the spelling of "Documents".
The error also points to "u+ex" (underscore vs plus sign) – make sure special characters are allowed correctly.
Just some observations from afar.