Merge pull request #46558 from MicrosoftDocs/repo_sync_working_branch

Confirm merge from repo_sync_working_branch to master to sync with https://github.com/Microsoft/azure-docs (branch master)

Author: huypub

articles/application-insights/app-insights-asp-net-trace-logs.md

@@ -61,7 +61,7 @@ Use this method if your project type isn't supported by the Application Insights
 
    * Microsoft.ApplicationInsights.TraceListener (to capture System.Diagnostics.Trace calls)
    * Microsoft.ApplicationInsights.EventSourceListener (to capture EventSource events)
-   * Microsoft.ApplicationInsights.EtwListener (to capture ETW events)
+   * Microsoft.ApplicationInsights.EtwCollector (to capture ETW events)
    * Microsoft.ApplicationInsights.NLogTarget
    * Microsoft.ApplicationInsights.Log4NetAppender
 

articles/azure-functions/functions-bindings-cosmosdb-v2.md

@@ -921,7 +921,7 @@ Here's the binding data in the *function.json* file:
     "collectionName": "MyCollection",
     "id" : "{queueTrigger_payload_property}",
     "partitionKey": "{queueTrigger_payload_property}",
-    "connectionStringSettingStringSetting": "MyAccount_COSMOSDB",     
+    "connectionStringSetting": "MyAccount_COSMOSDB",     
     "direction": "in"
 },
 {

articles/azure-functions/functions-bindings-cosmosdb.md

@@ -1044,7 +1044,7 @@ Here's the *function.json* file:
 
 Here's the JavaScript code:
 
-```cs
+```javascript
 module.exports = function (context, req, toDoItem) {
     context.log('JavaScript queue trigger function processed work item');
     if (!toDoItem)

articles/log-analytics/log-analytics-cross-workspace-search.md

@@ -27,7 +27,7 @@ Now you can query not only across multiple Log Analytics workspaces, but also da
 To reference another workspace in your query, use the [*workspace*](https://docs.loganalytics.io/docs/Language-Reference/Scope-functions/workspace()) identifier, and for an app from Application Insights, use the [*app*](https://docs.loganalytics.io/docs/Language-Reference/Scope-functions/app()) identifier.  
 
 ### Identifying workspace resources
-The following examples demonstrate queries across Log Analytics workspaces to return summarized counts of updates from the Update table on a workspace named *contosoretail-it*. 
+The following examples demonstrate queries across Log Analytics workspaces to return summarized counts of logs from the Update table on a workspace named *contosoretail-it*. 
 
 Identifying a workspace can be accomplished one of several ways:
 
@@ -40,7 +40,7 @@ Identifying a workspace can be accomplished one of several ways:
 
 * Qualified name - is the “full name” of the workspace, composed of the subscription name, resource group, and component name in this format: *subscriptionName/resourceGroup/componentName*. 
 
-    `workspace('contoso/contosoretail/development').requests | count `
+    `workspace('contoso/contosoretail/contosoretail-it').Update | count `
 
     >[!NOTE]
     >Because Azure subscription names are not unique, this identifier might be ambiguous. 
@@ -54,7 +54,7 @@ Identifying a workspace can be accomplished one of several ways:
 
     For example:
     ``` 
-    workspace("/subscriptions/e427519-5645-8x4e-1v67-3b84b59a1985/resourcegroups/ContosoAzureHQ/providers/Microsoft.OperationalInsights/workspaces/contosoretail").Event | count
+    workspace("/subscriptions/e427519-5645-8x4e-1v67-3b84b59a1985/resourcegroups/ContosoAzureHQ/providers/Microsoft.OperationalInsights/workspaces/contosoretail").Update | count
     ```
 
 ### Identifying an application
@@ -85,6 +85,17 @@ Identifying an application in Application Insights can be accomplished with the
     app("/subscriptions/b459b4f6-912x-46d5-9cb1-b43069212ab4/resourcegroups/Fabrikam/providers/microsoft.insights/components/fabrikamapp").requests | count
     ```
 
+### Performing a query across multiple resources
+You can query multiple resorces from any of your resource instances, these can be workspaces and apps combined.
+    
+Example for query across two workspaces:    
+    ```
+    union Update, workspace("contosoretail-it").Update, workspace("b459b4u5-912x-46d5-9cb1-p43069212nb4").Update
+    | where TimeGenerated >= ago(1h)
+    | where UpdateState == "Needed"
+    | summarize dcount(Computer) by Classification
+    ```
+
 ## Next steps
 
 Review the [Log Analytics log search reference](https://docs.loganalytics.io/docs/Language-Reference) to view all of the query syntax options available in Log Analytics.    

articles/log-analytics/log-analytics-tutorial-response.md

@@ -19,55 +19,64 @@ ms.component: na
 ---
 
 # Respond to events with Azure Monitor Alerts
-Alerts in Azure Monitor can identify important information in your Log Analytics repository. They are created by alert rules that automatically run log searches at regular intervals, and if results of the log search match particular criteria, then an alert record is created and it can be configured to perform an automated response.  This tutorial is a continuation of the [Create and share dashboards of Log Analytics data](log-analytics-tutorial-dashboards.md) tutorial.   
+Log search rules are created by Azure Alerts to automatically run specified log queries at regular intervals.  If the results of the log query match particular criteria, then an alert record is created. The rule can then automatically run one or more actions using [Action Groups](../monitoring-and-diagnostics/monitoring-action-groups.md).
 
 In this tutorial, you learn how to:
 
 > [!div class="checklist"]
 > * Create an alert rule
 > * Configure an Action Group to send an e-mail notification
 
-To complete the example in this tutorial, you must have an existing virtual machine [connected to the Log Analytics workspace](log-analytics-quick-collect-azurevm.md).  
+To complete the example in this tutorial, you must have an existing virtual machine [connected to the Log Analytics workspace](log-analytics-quick-collect-azurevm.md).
 
-## Log in to Azure portal
-Log in to the Azure portal at [https://portal.azure.com](https://portal.azure.com). 
+## Sign in to Azure portal
+Log in to the Azure portal at [https://portal.azure.com](https://portal.azure.com).
 
 ## Create alerts
-Alerts are created by alert rules in Azure Monitor and can automatically run saved queries or custom log searches at regular intervals.  You can create alerts based on specific performance metrics or when certain events are created, absence of an event, or a number of events are created within a particular time window.  For example, alerts can be used to notify you when average CPU usage exceeds a certain threshold, when a missing update is detected, or when an event is generated upon detecting that a specific Windows service or Linux daemon is not running.  If the results of the log search match particular criteria, then an alert is created. The rule can then automatically run one or more actions, such as notify you of the alert or invoke another process. 
+Alerts are created by alert rules in Azure Monitor and can automatically run saved queries or custom log searches at regular intervals.  You can create alerts based on specific performance metrics or when certain events are created, absence of an event, or a number of events are created within a particular time window.  For example, alerts can be used to notify you when average CPU usage exceeds a certain threshold, when a missing update is detected, or when an event is generated upon detecting that a specific Windows service or Linux daemon is not running.  If the results of the log search match particular criteria, then an alert is created. The rule can then automatically run one or more actions, such as notify you of the alert or invoke another process.
 
-In the following example, you create a metric measurement alert rule based off of the *Azure VMs - Processor Utilization* query saved in the [Visualize data tutorial](log-analytics-tutorial-dashboards.md).  An alert is created for each virtual machine that exceeds a threshold of 90%.  
+In the following example, you create a metric measurement alert rule based off of the *Azure VMs - Processor Utilization* query saved in the [Visualize data tutorial](log-analytics-tutorial-dashboards.md).  An alert is created for each virtual machine that exceeds a threshold of 90%.
 
 1. In the Azure portal, click **All services**. In the list of resources, type **Monitor**. As you begin typing, the list filters based on your input. Select **Monitor**.
 2. In the left-hand pane, select **Alerts** and then click **New Alert Rule** from the top of the page to create a new alert.<br><br> ![Create new alert rule](./media/log-analytics-tutorial-response/alert-rule-02.png)<br>
 3. For the first step, under the **Create Alert** section, you are going to select your Log Analytics workspace as the resource, since this is a log based alert signal.  Filter the results by choosing the specific **Subscription** from the drop-down list if you have more than one, which contains the VM and Log Analytics workspace created earlier.  Filter the **Resource Type** by selecting **Log Analytics** from the drop-down list.  Finally, select the **Resource** **DefaultLAWorkspace** and then click **Done**.<br><br> ![Create alert step 1 task](./media/log-analytics-tutorial-response/alert-rule-03.png)<br>
-4. Under the section **Alert Criteria**, click **Add Criteria** to select our saved query and then specify logic that the alert rule follows.  From the **Configure signal logic** pane, select *Azure VMs - Processor Utilization* from the list.  The pane updates to present the configuration settings for the alert.  On the top, it shows the results for the last 30 minutes of the selected signal and the search query itself.  
-5. Configure the alert with the following information:  
-   a. From the **Based on* drop-down list select **Metric measurement**.  A metric measurement will create an alert for each object in the query with a value that exceeds our specified threshold.  
-   b. For the **Condition**, select **Greater than** and enter **90** for **Threshold**.  
-   c. Under Trigger Alert Based On section, select **Consecutive breaches** and from the drop-down list select **Greater than** enter a value of 3.  
-   d. Under Evaluation based on section, accept the defaults. The rule will run every five minutes and return records that were created within this range of the current time.  
-6. Click **Done** to complete the alert rule.<br><br> ![Configure alert signal](./media/log-analytics-tutorial-response/alert-signal-logic-02.png)<br> 
+4. Under the section **Alert Criteria**, click **Add Criteria** to define the query and then specify logic that the alert rule follows. From the **Configure signal logic** pane, select **Custom log search** as signal name and enter your query in **Search query**.
+
+    For example:
+    ```
+    Perf
+    | where CounterName == "% Processor Time" and ObjectName == "Processor" and InstanceName == "_Total"
+    | summarize AggregatedValue=avg(CounterValue) by bin(TimeGenerated, 1m)
+    ```
+
+The pane updates to present the configuration settings for the alert.  On the top, it shows the results for the last 30 minutes of the selected signal.
+5. Configure the alert with the following information:
+   a. From the **Based on* drop-down list select **Metric measurement**.  A metric measurement will create an alert for each object in the query with a value that exceeds our specified threshold.
+   b. For the **Condition**, select **Greater than** and enter **90** for **Threshold**.
+   c. Under Trigger Alert Based On section, select **Consecutive breaches** and from the drop-down list select **Greater than** enter a value of 3.
+   d. Under Evaluation based on section, accept the defaults. The rule will run every five minutes and return records that were created within this range of the current time.
+6. Click **Done** to complete the alert rule.<br><br> ![Configure alert signal](./media/log-analytics-tutorial-response/alert-signal-logic-02.png)<br>
 7. Now moving onto the second step, provide a name of your alert in the **Alert rule name** field, such as **Percentage CPU greater than 90 percent**.  Specify a **Description** detailing specifics for the alert, and select **Critical(Sev 0)** for the **Severity** value from the options provided.<br><br> ![Configure alert details](./media/log-analytics-tutorial-response/alert-signal-logic-04.png)<br>
 8. To immediately activate the alert rule on creation, accept the default value for **Enable rule upon creation**.
-9. For the third and final step, you specify an **Action Group**, which ensures that the same actions are taken each time an alert is triggered and can be used for each rule you define.  Configure a new action group with the following information:  
+9. For the third and final step, you specify an **Action Group**, which ensures that the same actions are taken each time an alert is triggered and can be used for each rule you define.  Configure a new action group with the following information:
    a. Select **New action group** and the **Add action group** pane appears.
-   b. For **Action group name**, specify a name such as **IT Operations - Notify** and a **Short name** such as **itops-n**.  
-   c. Verify the default values for **Subscription** and **Resource group** are correct. If not, select the correct one from the drop-down list.   
+   b. For **Action group name**, specify a name such as **IT Operations - Notify** and a **Short name** such as **itops-n**.
+   c. Verify the default values for **Subscription** and **Resource group** are correct. If not, select the correct one from the drop-down list.
    d. Under the Actions section, specify a name for the action, such as **Send Email** and under **Action Type** select **Email/SMS/Push/Voice** from the drop-down list. The **Email/SMS/Push/Voice** properties pane will open to the right in order to provide additional information.
-   e. On the **Email/SMS/Push/Voice** pane, enable **Email** and provide a valid email SMTP address to deliver the message to. 
+   e. On the **Email/SMS/Push/Voice** pane, enable **Email** and provide a valid email SMTP address to deliver the message to.
    f. Click **OK** to save your changes.<br><br> ![Create new action group](./media/log-analytics-tutorial-response/action-group-properties-01.png)<br>
-10. Click **OK** to complete the action group. 
-11. Click **Create alert rule** to complete the alert rule. It starts running immediately.<br><br> ![Complete creating new alert rule](./media/log-analytics-tutorial-response/alert-rule-01.png)<br> 
+10. Click **OK** to complete the action group.
+11. Click **Create alert rule** to complete the alert rule. It starts running immediately.<br><br> ![Complete creating new alert rule](./media/log-analytics-tutorial-response/alert-rule-01.png)<br>
 
 ## View your alerts in Azure portal
-Now that you have created an alert, you can view Azure alerts in a single pane and manage all alert rules across your Azure subscriptions. It lists all the alert rules (enabled or disabled) and can be sorted based on target resources, resource groups, rule name, or status. Included is an aggregated summary of all the fired alerts, and total configured/enabled alert rules.<br><br> ![Azure Alerts status page](./media/log-analytics-tutorial-response/azure-alerts-02.png)  
+Now that you have created an alert, you can view Azure alerts in a single pane and manage all alert rules across your Azure subscriptions. It lists all the alert rules (enabled or disabled) and can be sorted based on target resources, resource groups, rule name, or status. Included is an aggregated summary of all the fired alerts, and total configured/enabled alert rules.<br><br> ![Azure Alerts status page](./media/log-analytics-tutorial-response/azure-alerts-02.png)
 
 When the alert triggers, the table reflects the condition and how many times it occurred within the time range selected (the default is last six hours).  There should be a corresponding email in your inbox similar to the following example showing the offending virtual machine and the top results that matched the search query in this case.<br><br> ![Alert email action example](./media/log-analytics-tutorial-response/azure-alert-email-notification-01.png)
 
 ## Next steps
 In this tutorial, you learned how alert rules can proactively identify and respond to an issue when they run log searches at scheduled intervals and match a particular criteria.
 
-Follow this link to see pre-built Log Analytics script samples.  
+Follow this link to see pre-built Log Analytics script samples.
 
 > [!div class="nextstepaction"]
 > [Log Analytics script samples](powershell-samples.md)