Add Cribl Workbook#13885
Conversation
v-atulyadav
added
Workbook
|
Hi @samikroy, please add the newly created workbook into data file and repackage this solution using V3 tool. Thanks! |
|
Hi @samikroy, any update on the above comment. Thanks! |
|
Hi @v-shukore, I’ve applied the V3 tool and repackaged the solution using the V3 tool. Please review. |
|
Hi @samikroy, it looks like the packaging wasn't done correctly. Only createui and maintemplate should be inside the package folder, but they're also showing up outside of it. Could you please fix this? Also, another solution was unintentionally added in this PR please remove that commit as well. Thanks! |
|
Hi @v-shukore, I fixed the packaging structure and removed unintended solution changes from the PR. Please review. |
There was a problem hiding this comment.
Pull request overview
Note
Copilot was unable to run its full agentic suite in this review.
Adds a new Cribl workbook and wires it into the Cribl solution packaging so it can be deployed and surfaced in the solution experience.
Changes:
- Added a Cribl Azure Monitor Workbook with multiple sections (Access/Audit/Internal/UI Access).
- Registered the workbook in the solution data file so it’s included as a solution artifact.
- Updated solution packaging templates/UI to deploy and describe the new workbook.
Reviewed changes
Copilot reviewed 5 out of 6 changed files in this pull request and generated 11 comments.
Show a summary per file
| File | Description |
|---|---|
| Solutions/Cribl/Workbooks/CriblWorkbook.json | New workbook definition containing KQL visualizations for Cribl logs. |
| Solutions/Cribl/Package/testParameters.json | Adds workbook name parameter for packaging deployment. |
| Solutions/Cribl/Package/mainTemplate.json | Adds workbook content template + metadata and updates packaging resources. |
| Solutions/Cribl/Package/createUiDefinition.json | Adds workbook blade text and updates description to include workbook count. |
| Solutions/Cribl/Data/Solution_Cribl.json | Registers the workbook under solution “Workbooks” and adds blade description. |
|
Hi @samikroy, please update required suggestions given by the copilot as reviewer and commit the changes. Thanks! |
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Updated queries and names in Cribl Workbook JSON.
@v-shukore - Could you please review and let me know for any changes. |
Added a new workbook for Cribl with the following metrics
Access Logs:
-- HTTP status code distribution
Method usage (GET, POST, etc.)
-- Top accessed API endpoints
-- Error code trends and response time analysis
Audit Logs:
-- Service-level activity summary
-- Top users and audit events over time
-- Most performed actions and user participation breakdown
-- Service module action distribution
Internal Logs:
-- CPU and memory usage by Cribl components
-- Heap memory utilization trends
-- Top hosts by memory consumption
-- CPU vs ELU performance monitoring
UI Access Logs:
-- Top users and tenants accessing Cribl UI
-- Most accessed UI pages
-- UI access trends and source IP analysis
-- Browser and tool distribution
Reason for Change(s):
Testing Completed: