Create Azure Log Analytics Alerts with Dimensions for Security-Related Performance Counters

Configure Alert Rules with Dimensions in Azure Log Analytics

Question

You have an Azure subscription named Sub1 that contains an Azure Log Analytics workspace named LAW1.

You have 100 on-premises servers that run Windows Server 2012 R2 and Windows Server 2016. The servers connect to LAW1. LAW1 is configured to collect security-related performance counters from the connected servers.

You need to configure alerts based on the data collected by LAW1. The solution must meet the following requirements:

-> Alert rules must support dimensions.

-> The time it takes to generate an alert must be minimized.

-> Alert notifications must be generated only once when the alert is generated and once when the alert is resolved.

Which signal type should you use when you create the alert rules?

Answers

Explanations


C

Metric alerts in Azure Monitor provide a way to get notified when one of your metrics crosses a threshold. Metric alerts work on a range of multi-dimensional platform metrics, custom metrics, and Application Insights standard and custom metrics.

Note: Signals are emitted by the target resource and can be of several types: Metric, Activity log, Application Insights, and Log.

https://docs.microsoft.com/en-us/azure/azure-monitor/platform/alerts-metric

To meet the given requirements, the recommended signal type to use when creating alert rules in Azure Log Analytics is Metric.

Here's why:

  1. Supports dimensions: Alert rules created using Metric signals support dimensions, which allows you to filter and group alert results based on specific properties of the monitored resource. This can help you to quickly identify the root cause of any issues that trigger the alert.

  2. Fast alert generation: Metric signals are pre-aggregated, which means they are faster to query than raw logs. This can reduce the time it takes to generate alerts when compared to using Log signals.

  3. One-time notifications: Metric alerts are stateful. A notification is sent once when the alert fires and, with auto-mitigation enabled, once more when it is resolved; a series that stays over the threshold for several consecutive windows does not generate repeated notifications. This ensures that you don't receive multiple notifications for the same issue, which can be particularly important if you are monitoring a large number of servers.
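To make the three points above concrete, here is an added illustration (not code from this page, from Microsoft, or from Azure Monitor itself) that models how a dimension-aware metric alert rule evaluates: every value of the dimension (here, each `Computer`) is tracked as its own series, a `Fired` notification is emitted once when a series' windowed average crosses the threshold, and a `Resolved` notification is emitted once when it drops back, provided auto-mitigation is on. The counter name, server names, thresholds and sample values are constructed for the example; the windowing and state handling are a simplification of the real service.

```python
"""Simplified model of a dimension-aware, stateful metric alert rule.

Added illustration (not code from the page or from Azure Monitor): each
dimension value (each Computer) is evaluated as its own series, "Fired" is
notified once on crossing the threshold and, with auto-mitigation on,
"Resolved" is notified once when the series drops back below it.
"""
from collections import defaultdict, namedtuple
from datetime import datetime, timedelta
from statistics import mean

Notification = namedtuple("Notification", "time dimension_value state value")


class MetricAlertRule:
    def __init__(self, counter, threshold, window_size=timedelta(minutes=5),
                 evaluation_frequency=timedelta(minutes=5), auto_mitigate=True):
        self.counter = counter                      # metric being watched
        self.threshold = threshold                  # fire when avg > threshold
        self.window_size = window_size              # aggregation granularity
        self.evaluation_frequency = evaluation_frequency
        self.auto_mitigate = auto_mitigate          # resolve automatically when healthy
        self.fired = set()                          # dimension values currently "Fired"

    def evaluate(self, samples, evaluation_time):
        """Evaluate the window ending at evaluation_time; return notifications."""
        window_start = evaluation_time - self.window_size
        per_series = defaultdict(list)
        for ts, dim_value, value in samples:
            if window_start <= ts < evaluation_time:
                per_series[dim_value].append(value)

        notifications = []
        for dim_value in sorted(per_series):
            avg = mean(per_series[dim_value])
            breached = avg > self.threshold
            if breached and dim_value not in self.fired:
                # first window over the threshold: notify exactly once
                self.fired.add(dim_value)
                notifications.append(Notification(evaluation_time, dim_value, "Fired", avg))
            elif not breached and dim_value in self.fired and self.auto_mitigate:
                # first healthy window after firing: notify exactly once
                self.fired.remove(dim_value)
                notifications.append(Notification(evaluation_time, dim_value, "Resolved", avg))
            # otherwise the series' state is unchanged and nothing is sent
        return notifications

    def run(self, samples, start, end):
        """Step through evaluations from start to end, collecting notifications."""
        notifications = []
        t = start + self.window_size
        while t <= end:
            notifications.extend(self.evaluate(samples, t))
            t += self.evaluation_frequency
        return notifications


# Constructed sample data: one security-related counter, split by Computer.
# Counter name, server names and values are made up for this example.
COUNTER = r"Security System-Wide Statistics\NTLM Authentications"
BASE = datetime(2024, 1, 1, 10, 0)


def minute(m):
    return BASE + timedelta(minutes=m)


SAMPLES = (
    [(minute(m), "SRV01", 20 + m % 7) for m in range(25)]     # always healthy
    + [(minute(m), "SRV02", 900) for m in range(0, 5)]        # spike
    + [(minute(m), "SRV02", 40) for m in range(5, 10)]        # recovers
    + [(minute(m), "SRV02", 800) for m in range(10, 20)]      # long spike (two windows)
    + [(minute(m), "SRV02", 50) for m in range(20, 25)]       # recovers again
)


def notification_sequence(auto_mitigate=True):
    """Return the (Computer, state) transitions the rule would notify on."""
    rule = MetricAlertRule(COUNTER, threshold=500, auto_mitigate=auto_mitigate)
    return [(n.dimension_value, n.state) for n in rule.run(SAMPLES, BASE, minute(25))]


if __name__ == "__main__":
    rule = MetricAlertRule(COUNTER, threshold=500)
    for n in rule.run(SAMPLES, BASE, minute(25)):
        print(f"{n.time:%H:%M} {n.dimension_value} {n.state} avg={n.value:.1f}")
```

Running it shows only SRV02 ever notifying, and only on state changes: Fired, Resolved, Fired, Resolved, even though SRV02 stays over the threshold for two consecutive windows during the second spike. With `auto_mitigate=False` the rule fires once and never resolves, which is why the "once on resolve" requirement depends on auto-mitigation being left on. The knobs modelled here correspond to the `--condition "avg <metric> > <threshold> where Computer includes ..."`, `--window-size`, `--evaluation-frequency` and `--auto-mitigate` options of `az monitor metrics alert create`.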

In contrast, Log (Saved Query) signals are a good choice if you need to create complex alert rules that require querying large amounts of log data. However, this comes at the cost of slower alert generation times and potentially higher costs due to the increased amount of data being processed.

In summary, the Metric signal type is recommended for creating alert rules in Azure Log Analytics when you need to support dimensions, minimize alert generation times, and ensure one-time notifications for generated and resolved alerts.