Merge pull request #263059 from millerjryan/docs-editor/tutorial-log-alert-1705006346

prmerger-automator[bot] · web-flow · commit 4cd0afbc1a74 · 2024-01-18T17:19:56.000Z
Adding examples of Aggregation granularity
diff --git a/articles/azure-monitor/alerts/tutorial-log-alert.md b/articles/azure-monitor/alerts/tutorial-log-alert.md
@@ -5,6 +5,7 @@ ms.topic: tutorial
 ms.date: 11/07/2023
 ---
 
+
 # Tutorial: Create a log query alert for an Azure resource
 Azure Monitor alerts proactively notify you when important conditions are found in your monitoring data. Log query alert rules create an alert when a log query returns a particular result. For example, receive an alert when a particular event is created on a virtual machine, or send a warning when excessive anonymous requests are made to a storage account.
 
@@ -54,7 +55,7 @@ Once you verify your query, you can create the alert rule. Select **New alert ru
 :::image type="content" source="media/tutorial-log-alert/create-alert-rule.png" lightbox="media/tutorial-log-alert/create-alert-rule.png"alt-text="Create alert rule":::
 ## Configure condition
 
-On the **Condition** tab, the **Log query** will already be filled in. The **Measurement** section defines how the records from the log query will be measured. If the query doesn't perform a summary, then the only option will be to **Count** the number of **Table rows**. If the query includes one or more summarized columns, then you'll have the option to use number of **Table rows** or a calculation based on any of the summarized columns. **Aggregation granularity** defines the time interval over which the collected values are aggregated. 
+On the **Condition** tab, the **Log query** will already be filled in. The **Measurement** section defines how the records from the log query will be measured. If the query doesn't perform a summary, then the only option will be to **Count** the number of **Table rows**. If the query includes one or more summarized columns, then you'll have the option to use number of **Table rows** or a calculation based on any of the summarized columns. **Aggregation granularity** defines the time interval over which the collected values are aggregated.  For example, if the aggregation granularity is set to 5 minutes, the alert rule will evaluate the data aggregated over the last 5 minutes. If the aggregation granularity is set to 15 minutes, the alert rule will evaluate the data aggregated over the last 15 minutes. It is important to choose the right aggregation granularity for your alert rule, as it can affect the accuracy of the alert.
 
 :::image type="content" source="media/tutorial-log-alert/alert-rule-condition.png" lightbox="media/tutorial-log-alert/alert-rule-condition.png"alt-text="Alert rule condition":::
 
