Hello,
Under the Retrieving actions section, the instruction says to use the Search ID and the Schedule ID to retrieve schedules, but doesn't explain how to find these IDs. How does one find the Search ID and the Schedule ID?
Many Thanks~
Thanks for the feedback! We are currently investigating and will update you shortly.
Also, in the same section, it reads:
"When you create a schedule in the Log Analytics console, a GUID is created for the schedule ID."
How does one create a schedule in the Log Analytics Workspace? I'm assuming the console is referring to the Azure Portal.
Many thanks!
Also, when I attempt to create a schedule using the example, I am getting a 400 error.
@ROSMITHJ-MSFT To answer your question number 1, AFAIK you may use this and this REST APIs to get and list saved search IDs respectively. Similarly, you may use this and this REST APIs to get and list schedule query rule IDs respectively.
To answer your question number 2, as per this recently updated (i.e., updated on 2019-07-29) Azure document, _Schedule defines how often the log search is run and the time interval window and frequency over which the data is retrieved; Each alert rule has one and only one schedule; A saved search can have one or more schedules with each schedule representing a separate alert rule_. So, IMHO creating a schedule is nothing but defining a schedule while creating an alert rule. And it's mentioned as _Log Analytics console_ because AFAIK it's terminology brought from the older / legacy Log Analytics workspace, i.e., the OMS portal / console.
To answer your question number 3, you might be getting a 400 error, i.e., a probable bad request error, an HTTP status code which means that the create schedule request you sent was somehow incorrect or corrupted and the backend server couldn't understand it, or you would have created the workspace after June 1st 2019 but tried to use the legacy Savedsearches Schedules based OMS alert API/template, which would fail. Ideally, in that case you may have to use scheduledQueryRules for creating alert rules.
Hope this information helps!
@ofirmanor @bwren @msvijayn Please correct / update the comment if required and please provide your additional insights, if any.
@yanivlavi - for Azure Monitor Log Alerts clarity
@ROSMITHJ-MSFT At this point it appears that there are no edits or updates needed for the referred Azure documentation, and it also looks like there are no additional comments from the other tagged people, so closing this issue for now. If there are further questions regarding this matter or feedback on the documentation, please do let us know and we will gladly continue the discussion.
Hi KrishnaG,
Many thanks for the responses! That did answer my questions - especially the response concerning legacy savedsearches. I'm attempting to ensure that I am using the most up to date information with our customers and was able to put this information to good use.
Many thanks!