One of the key features of Azure Log Analytics is the ability to find data from multiple sources and aggregate it for analysis (Azure Log Analytics search).

This feature is exactly the reason we want to talk about Azure Log Analytics again. Since October 2017, Microsoft has been working on Azure Log Analytics version 2.0. The main innovation is a new (or at least heavily revised) Azure Log Analytics query language.

The most important innovations of the language are:

• Simple and natural: The new language is easier to understand and is similar to SQL. All constructs are in contrast to the previous query language rather than a natural language.
• Piping functions: The new language offers extensive piping functions. Almost every issue can be piped to another command. This allows complex queries to be created. That was not possible until now.
• Field extractions at runtime: The new language supports comprehensive fields calculated at runtime. You can perform complex calculations on extended fields, and then compute the computed fields for other commands, such as joins.
• Extended joins: The new language provides advanced joins, including the ability to join tables in multiple fields, use inner and outer joins, and join advanced fields.
• Date and time functions: The new language offers advanced date and time functions.
• Intelligent analyses: The new language uses advanced algorithms to evaluate patterns in datasets and compare different datasets.

Enough of the theory, let's just take a look at it.

Here is a brief demonstration:

1. Open your Azure management portal at https://portal.azure.com
2. In the navigation area of the portal, click on Monitor
3. This opens the Monitor dashboard. In the navigation area of the dashboard, click on Log Analytics:

4. This opens the old Log Search editor page:

5. For the new features, click on Analytics or Advanced Analytics  
6. The advanced Analytics portal opens. Note that this is the same portal used by Azure Application Insights.

The advanced Analytics portal provides new analytics capabilities that were not available on the old Log Analytics portal, such as multi-row editing in queries, additional visualizations, and advanced diagnostics.

If you only want to learn about the elements of the Log Analytics query language and the features of the new workspace, you will find a complex demo here: https://portal.loganalytics.io/demo#/discover/.