Optimizing Log Analytics Alerts with Custom Thresholds: A Comprehensive Guide to Using Kusto Query, PowerShell, and CSV Files

Posted by

The Microsoft Community Hub shares an innovative approach to personalize multiple thresholds in Log Analytics Alerts. This method, designed for customers who want custom alerts for each server and performance counter, uses a Kusto query, a CSV file, a PowerShell script, and a custom log table.

Revolutionizing Log Analytics Alerts with Personalized Multiple Thresholds


Microsoft’s Log Analytics Alerts have been given a new lease of life. This blog post delves into a unique way to customize thresholds for every server and performance counter.

The New Approach

Instead of a generic threshold for alerts, this new method allows for personalized thresholds. This ensures a more precise and efficient alert system.

Key Components

The solution is composed of four main components: a CSV file, a PowerShell script, a custom log table, and an Amazing Log Kusto query.

“This article has been created for a customer that wants to be able to create an alert for customized thresholds for each existing server and performance counter.”

How it Works

The CSV file contains all the necessary data. The PowerShell script and custom log table work in tandem to process this data. Finally, the Amazing Log Kusto query puts all the logic into action.

“This allows you to put all the logic in the Kusto query.”


This innovative approach to Log Analytics Alerts promises to deliver a more personalized and effective alert system. It’s a significant step forward in the world of tech.

  • Method is designed for customers wanting custom alerts for each server and performance counter
  • Utilizes a Kusto query to achieve the goal
  • Includes a CSV file that contains necessary data
  • Employs a PowerShell script in the process
  • Uses a custom log table as part of the solution
  • From the Core Infrastructure and Security Blog