AdiBiran outlines Azure Monitor Auxiliary Logs’ general availability, new features, and lower pricing, highlighting enhancements in querying, data transformations, and large-scale log management for Microsoft customers.

General Availability of Azure Monitor Auxiliary Logs and Reduced Pricing

Azure Monitor Auxiliary Logs

Azure Monitor Logs is a foundational monitoring tool for hundreds of thousands of organizations running mission-critical Azure workloads. This news highlights the general availability and major improvements to Auxiliary Logs, a high-volume logging tier now accessible in all regions.

What Are Auxiliary Logs?

Auxiliary Logs is designed for high-volume ingestion scenarios and works alongside Basic and Analytics Logs as part of Azure Monitor. Customers—including teams ingesting over a petabyte per day—benefit from scalable, cost-effective logging for detailed analysis and long-term storage.

Key updates include:

General Availability: Auxiliary Logs are now fully supported, with broad regional presence and enhanced service capabilities.
Security Data: Support now includes not just Custom Logs but also security data.
Table Support: Additional tables will be supported soon (see table plans).
Price Reduction: Significant price cuts now make Auxiliary Logs a more economical choice for high-volume data scenarios. Refer to Azure Monitor pricing for details.
Sentinel Data Lake Integration: Logs can move between Auxiliary and Sentinel Data Lake without duplication, supporting modern data lake technology and operational/security analytics. Sentinel Data Lake announcement.

Enhanced Query Capabilities

Expanded KQL Support: Now, all KQL operators—including the lookup operator to Analytics tables—are supported in a single-table context.
Performance Boosts: Built on Delta Parquet, providing improved encoding and partitioning for faster queries.
Extended Time Range: Query any time period, not just the last 30 days.
Cost Estimation Preview: Estimate query costs before executing, providing better budget management.

Summary Rules: General Availability

Summary rules—newly in general availability—increase efficiency for summarizing high-ingestion streams, supporting robust analysis and dashboarding. Key benefits:

Increased rule limits per workspace
Retry functionality for incident-affected bins
Broadened regional access
Efficient summarization without losing raw data for investigations

Learn more: Summary Rules Details

Search Jobs: More Power and Flexibility

Search jobs allow async scanning of massive data volumes, ingesting results into Analytics tables. Recent improvements include:

Load up to 100 million records (coming soon)
Streamlined user interface for search jobs
Cost prediction prior to execution
Increased concurrency and removed additional limits
Support for all KQL operators on a single table with lookup operator to Analytics tables (rolling out soon)

More info: Search Jobs

KQL Transformations at Ingestion (Public Preview)

Now in public preview: KQL-based transformations for Auxiliary Logs at ingestion time. This brings Auxiliary Logs in line with other Azure Monitor tiers. Benefits:

Apply KQL filters and data shaping as data is ingested
Reduce storage costs by filtering noise
Parse, split, and distribute log fields for optimized downstream usage
Supports Data Collection Rules (DCRs) for declarative pipeline setup

Learn more:

Ingestion-Time Transformations

Cost and Data Governance

Custom transformations incur log processing charges; check the pricing page for up-to-date information. These enhancements fit within Microsoft’s broader cloud data lake and observability evolution, aiming for unified operational and security insights on a common stack.

For organizations with heavy monitoring and security compliance needs, these upgrades and cost reductions position Auxiliary Logs as a flexible, scalable, and budget-friendly solution on Azure.

This post appeared first on “Microsoft Tech Community”. Read the entire article here