|
Size: 562
Comment:
|
Size: 625
Comment:
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 12: | Line 12: |
| | where TimeGenerated < ago(4d) | //| where TimeGenerated < ago(4d) | where TimeGenerated between( datetime("2020-06-18 02:00:00 ") .. now()) |
| Line 14: | Line 15: |
| | limit 5000 |
k8s/Azure/KustoLogs
- Queries in Azure Kusto Query language.
Find logs for specific pod/namespace
let _podInventory = ( KubePodInventory | where Namespace has "MyNamespace-prd" | where ContainerName has_any ('container1', 'container2' , 'container3' ) ); ContainerLog //| where TimeGenerated < ago(4d) | where TimeGenerated between( datetime("2020-06-18 02:00:00 ") .. now()) | join kind=inner _podInventory on $left.ContainerID == $right.ContainerID | project LogEntry, Name1, Namespace , ContainerName, TimeGenerated, ClusterId, PodRestartCount