LoginSignup
1
3

More than 3 years have passed since last update.

@min150

【Azure】AzureLogAnalyticsログクエリまとめ#1 パフォーマンス

Last updated at Posted at 2020-09-27

LogAnalyticsWorkspaceで対象VMのパフォーマンスを抽出するときにお便利なクエリ集です。前提として、対象VMへの設定が必要になります。(秒でできる設定です:ok_hand:)

設定方法-LinuxOS
設定方法-WindowsOS

抽出されたデータをもとに、アラートやダッシュボードも作成できます。メトリクスを使ったアラート/ダッシュボードよりもカスタマイズが効くので、お便利かなと思います。

CPU

Perf 
| where Computer == "対象VM" 
| where ObjectName == "Logical Disk" and CounterName == "% Used Space" and InstanceName == "_Total"

特定のコンピューターの CPU 使用率の平均、最小、最大、75 パーセンタイル (1 時間ごと)
※InstanceName <> "_Total" の箇所は実機に合わせてください

Perf 
| where CounterName == "% Processor Time" and InstanceName == "_Total" and Computer == "対象VM"
| summarize ["min(CounterValue)"] = min(CounterValue), ["avg(CounterValue)"] = avg(CounterValue), ["percentile75(CounterValue)"] = percentile(CounterValue, 75), ["max(CounterValue)"] = max(CounterValue) by bin(TimeGenerated, 1h), Computer

特定のコンピューターのfree

Perf 
| where Computer == "対象VM" 
| where ObjectName == "Logical Disk" and CounterName == "Free Megabytes" and InstanceName == "_Total"

RAM

vm全体のメモリ使用率

Perf 
| where Computer == "対象VM"  
| where ObjectName == "Memory" and CounterName == "% Used Memory"

プロセッサ時間の平均、50 パーセンタイル、95 パーセンタイルを 1 時間のビンに表示

Perf
| where TimeGenerated > ago(1d) 
| where CounterName == "% Processor Time" 
| summarize avg(CounterValue), percentiles(CounterValue, 50, 95)  by bin(TimeGenerated, 1min)

SWAP

swap領域使用率

Perf 
| where Computer == "対象VM"  
| where ObjectName == "Memory" and CounterName == "% Used Swap Space"

Local storage

特定のdiskのfree

Perf 
| where Computer == "対象VM"  
| where ObjectName == "Logical Disk" and CounterName == "Free Megabytes" and InstanceName <> "_Total"

/mnt/src/sasfs1のfreeMegabyteをタイムチャート形式で表示

Perf 
| where Computer == "対象VM" and InstanceName == "/mnt/src/sasfs1" 
| where ObjectName == "Logical Disk" and CounterName == "Free Megabytes"

論理ディスクのCPU使用率

Perf
| where Computer == "対象VM"  
| where ObjectName == "Logical Disk"  and CounterName == "% Used Space"

ディスクの読込み秒数(persec)
InstanceName == "/"の箇所は実機にあわせてください

Perf 
| where Computer == "対象VM" 
| where ObjectName == "Logical Disk" and CounterName == "Disk Reads/sec" and InstanceName == "/"

ディスクの書込み秒数(persec)

Perf 
| where Computer == "対象VM" 
| where ObjectName == "Logical Disk" and CounterName == "Disk Writes/sec" and InstanceName == "/"

syslog

SysylogからErrorのみ抽出

Syslog 
| where SeverityLevel == "err"

特定のエラーを排除した状態でSysylogからErrorのみ抽出

Syslog 
| where SeverityLevel == "err" 
| where SyslogMessage <> "blk_update_request: I/O error, dev fd0, sector 0"
1
3
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
Sign upLogin
1
3