IT Certification exam information exchange, brain dumps discussions sharing.
You are not logged in. Please login or register.
Share Test → VCE Exam Simulator → AZ-104 topic 2 question 42
You have an Azure subscription named Subscription1 that contains an Azure Log Analytics workspace named Workspace1.
You need to view the error events from a table named Event.
Which query should you run in Workspace1?
A.
Get-Event Event | where {$_.EventType == "error"}
B.
Event | search "error"
C.
select * from Event where EventType == "error"
D.
search in (Event) * | where EventType ג€"eq ג€errorג€
B) 'Event | search "error"'
Reference: https://docs.microsoft.com/en-us/azure/azure-monitor/logs/log-analytics-tutorial
Agree. Found another reference too:
https://learn.microsoft.com/en-us/azure/data-explorer/kusto/query/searchoperator?pivots=azuredataexplorer
Repeated question Topic2.Question22
Correct answer B
B is correct
I passed with these questions and many friends passed too, all questions appeared in the real exam a great study resource, contact me on [email protected]
The correct query to view error events from a table named "Event" in Azure Log Analytics workspace is:
C. select * from Event where EventType == "error"
This query will retrieve all the records from the "Event" table where the EventType is equal to "error," allowing you to view only the error events.
That's not valid KQL, try it with this sample code
let MyInMemoryTable = datatable(EventType: string, EventMessage: string, EventTime: datetime)
[
"error", "Something bad occurred in the application.", datetime(2024-01-09T13:00:00),
"warning", "A warning was logged by the application, be careful of error", datetime(2024-01-09T14:00:00),
"info", "Informational message from the application.", datetime(2024-01-09T15:00:00),
"error", "Oh noes occurred in the application.", datetime(2024-01-09T16:00:00)
];
SELECT * FROM (MyInMemoryTable) where EventType == "error"
Event
| where SeverityLevel == "Error"
Correct Answer: B
C. select * from Event where EventType == "error"
To view the error events from a table named Event in the Azure Log Analytics workspace named Workspace1, you should run the query:
select * from Event where EventType == "error"
This query selects all the columns (*) from the Event table where the EventType is equal to "error". It will retrieve all the error events from the Event table in Workspace1.
The other options provided are not valid for querying data in Azure Log Analytics. They do not use the correct syntax or functions for querying data in Log Analytics.
select * from Event where EventType == "error" is an example of SQL (Structured Query Language) whereas Log Analytics uses KQL (Kusto Query Language). The correct answer is B
B - Tested in lab (Event | search "error")
Correct Answer: B
Event | search "error"
Correct Answer: B
Correct Answer: B
Share Test → VCE Exam Simulator → AZ-104 topic 2 question 42
Note: This forum is a platform for users to share insights and discuss exam-related topics. We do not provide authentic exam questions or answers. The content here is contributed by community members and is meant for collaborative learning and discussion purposes only. Users are encouraged to refer to official sources for accurate exam materials.