Create a LogAnalytics Workspace with PowerShell

LogAnalytics Workspaces can be used for many reasons.

  • Run typical Operations Management for your Infrastructure Services
  • Log-Consolidation engine for an Azure Automation Account
  • Log Collector for Microsoft foreign Logs (Syslog, other custom Logs

This blogpost will demonstrate how easy it is to create a Log Analytics Workspace.

Step 1 – Logon to Azure with PowerShell

PS: This doesnt work with non-Domain Account (aka Microsoft Accounts)

Step 2 – Define Names and Resource Groups and create the Workspace

If you look at the script below, i have set the location to „westeurope“, you may want to change that to a location of your Azure Service, i.e. „westus“. If you want to use another SKU than free, the other options are:

  • PerNode
  • Premium
  • Standalone
  • Standard
  • Unlimited

So now we have an empty Log Analytics Workspace, which can retrieve Logs from Agents. But whats missing are LogAnalytics Solutions, which we will add in the next step

Step 3 – Add Solutions and activate Performance Counters

If you want to manage Windows and Linux Servers later with this Log Analytics Workspace, you will want to see performance data as well. This can be achieved with the script below.

Step 4 – Activate Solutions

The real fun with LogAnalytics starts with Solutions. They analyze data and form it to useful information. The script below shows some samples, which you can extend to your needs.

So now that we have our Loganalytics Workspace setup, it will also appear in the Azure Portal, and you can start managing it.

With best regards/Roman