sloutsky
commented
4 years ago This repo is for reporting Kusto Query Language parse bugs. If you have a specific question how to express question in KQL - please use StackOverflow (you can use tag 'kql') - the team will be happy to assist you.
I am using KQL language under log analytics workspace (Azure monitoring)
Perf | where ObjectName == "LogicalDisk" and CounterName == "% Free Space" and Computer != "net-fs3.networkhg.org.uk" and Computer != "NET-FS1.networkhg.org.uk" and Computer != "NET-SQL3.networkhg.org.uk" and Computer != "NET-EDMLIVEDB1.networkhg.org.uk" and Computer != "NET-EDM_KOFAX1.networkhg.org.uk" | summarize Free_Space = min(CounterValue) by Computer, InstanceName | where strlen(InstanceName) == 2 and InstanceName contains ":" and Computer != "NET-REPAIR2.networkhg.org.uk" and InstanceName !contains ":E" and Computer != "NH-E2016-01.networkhg.org.uk" and InstanceName !contains ":E" and Computer != "NH-E2016-02.networkhg.org.uk" and InstanceName !contains ":E" and Computer != "net-boxi1.networkhg.org.uk" and InstanceName !contains ":D" | where Free_Space < 10
Can you please help me with this query, I want to make sure that, only one of instance of the computer is being monitored instead of all, for example
In this instance I want that computer to avoid D drive instead of all drives, like I have specified in the query for all the computers, as I want other drives to be monitored. Computer != "net-boxi1.networkhg.org.uk" and InstanceName !contains ":D"