⚠️ DEPRECATED — This package is no longer maintained.The underlying Azure Monitor HTTP Data Collector API has been deprecated by Microsoft and will stop functioning on 2026-09-14.
Migrate to
Azure.Monitor.Ingestion(LogsIngestionClient), which is the official replacement. See the Migration Guide below.Version 6.2.4 is the final release of this package.
The easiest way to send logs to Azure Log Analytics from your apps. Construct a custom object and send it to Log Analytics. It will be represented as a log entry in the logs. This helps make logging easy in your applications, and you can focus on more important business logic.
The LogAnalytics.Client is available on NuGet.
Note: This package is deprecated. The final release is version 6.2.4.
The LogAnalytics.Client project has been upgraded to .NET 6, and bumped the major version to 6.x.
LogAnalytics.Client currently support the below versions of .NET.
| Version | Supported |
|---|---|
| .NET 6.x | ✅ |
| .NET 5.x | ✅ |
| .NET Core 3.x | ✅ |
dotnet add package LogAnalytics.Client
Install-Package LogAnalytics.Client
<PackageReference Include="LogAnalytics.Client" Version="6.2.3" />paket add LogAnalytics.Client
Initialize a new LogAnalyticsClient object with a Workspace Id and a Key:
LogAnalyticsClient logger = new LogAnalyticsClient(
workspaceId: "LAW ID",
sharedKey: "LAW KEY");Synchronous execution (non-HTTP applications):
logger.SendLogEntry(new TestEntity
{
Category = GetCategory(),
TestString = $"String Test",
TestBoolean = true,
TestDateTime = DateTime.UtcNow,
TestDouble = 2.1,
TestGuid = Guid.NewGuid()
}, "demolog").Wait();Asynchronous execution (HTTP-based applications):
await logger.SendLogEntry(new TestEntity
{
Category = GetCategory(),
TestString = $"String Test",
TestBoolean = true,
TestDateTime = DateTime.UtcNow,
TestDouble = 2.1,
TestGuid = Guid.NewGuid()
}, "demolog")
.ConfigureAwait(false); // Optionally add ConfigureAwait(false) here, depending on your scenarioIf you need to send a lot of log entries at once, it makes better sense to send them as a batch/collection instead of sending them one by one. This saves on requests, resources and eventually costs.
// Example: Wiring up 5000 entities into an "entities" collection.
List<DemoEntity> entities = new List<DemoEntity>();
for (int ii = 0; ii < 5000; ii++)
{
entities.Add(new DemoEntity
{
Criticality = GetCriticality(),
Message = "lorem ipsum dolor sit amet",
SystemSource = GetSystemSource()
});
}
// Send all 5000 log entries at once, in a single request.
await logger.SendLogEntries(entities, "demolog").ConfigureAwait(false);To send logs to another Azure Sovereign Cloud, for example the Government cloud, you can specify an enum value for the the optional parameter azureSovereignCloud.
Here's an example:
LogAnalyticsClient logger = new LogAnalyticsClient(
workspaceId: "LAW ID",
sharedKey: "LAW KEY",
EndPointOverride: "ods.opinsights.azure.us"); // Use Azure Government instead of the (default) Azure Public cloud.The available sovereign clouds are currently:
- Azure Public Cloud (Commercial): ods.opinsights.azure.com
- Azure Government: ods.opinsights.azure.us
- Azure China: ods.opinsights.azure.cn
If you want to develop the project locally and enhance it with your custom logic, or want to contribute to the GitHub repository with a PR, it's a good idea to verify that the code works and tests are flying.
If you want to develop and run local tests, it is a good idea to set up your custom Log Analytics Workspace Id and Key in the project. This can be done using user secrets.
Using the dotnet CLI from the LogAnalyticsClient.Tests project directory:
dotnet user-secrets set "LawConfiguration:LawId" "YOUR LOG ANALYTICS INSTANCE ID"
dotnet user-secrets set "LawConfiguration:LawKey" "YOUR LOG ANALYTICS WORKSPACE KEY"
dotnet user-secrets set "LawServicePrincipalCredentials:ClientId" "CLIENT ID HERE"
dotnet user-secrets set "LawServicePrincipalCredentials:ClientSecret" "CLIENT SECRET HERE"
dotnet user-secrets set "LawServicePrincipalCredentials:Domain" "TENANT NAME OR DOMAIN ID HERE"
You should now have a secrets.json file in your local project, with contents similar to this:
{
"LawConfiguration": {
"LawId": "YOUR LOG ANALYTICS INSTANCE ID",
"LawKey": "YOUR LOG ANALYTICS WORKSPACE KEY"
},
"LawServicePrincipalCredentials": {
"ClientId": "Principal Client ID Here",
"ClientSecret": "Principal Client Secret Here",
"Domain": "Your tenant guid here, or tenant name"
}
}To add the secrets with the correct values, you need to add the Workspace Id (LawId), and the Key. You can find these from the Log Analytics Workspace in the Azure Portal, for example.
To add the Service Principal secrets, you should create a new service principal and add a secret, then grant it reader access on the Log Analytics resource. There are steps outlines for that part here: https://zimmergren.net/retrieve-logs-from-application-insights-programmatically-with-net-core-c/ - refer to "Step 1".
Read more about configuring user secrets in .NET Core projects: https://docs.microsoft.com/aspnet/core/security/app-secrets
This project is a spin-off from code samples. The examples and usage grew over time, and an interest was shown of a wrapper or client for Log Analytics.
Related blog posts:
- https://zimmergren.net/building-custom-data-collectors-for-azure-log-analytics/
- https://zimmergren.net/log-custom-application-security-events-log-analytics-ingested-in-azure-sentinel/
Keeping it simple.
The HTTP Data Collector API that LogAnalytics.Client wraps is deprecated and will be retired on 2026-09-14. The replacement is the Logs Ingestion API, with an official .NET SDK: Azure.Monitor.Ingestion.
| LogAnalytics.Client (old) | Azure.Monitor.Ingestion (new) | |
|---|---|---|
| Auth | Workspace Shared Key (HMAC) | Microsoft Entra ID (OAuth2 / DefaultAzureCredential) |
| Endpoint | {workspaceId}.ods.opinsights.azure.com |
Data Collection Rule endpoint or DCE |
| Config | Workspace ID + Shared Key | DCR ID + Stream Name + Endpoint URI |
| Table targeting | Log-Type header |
DCR stream declarations |
Before migrating your code, you need to set up Azure-side resources:
- Create a custom table (or use a supported Azure table) in your Log Analytics workspace.
- Create a Data Collection Rule (DCR) that maps your incoming data to the target table.
- Register an app in Microsoft Entra ID (or use a managed identity) and grant it the Monitoring Metrics Publisher role on the DCR.
See the full walkthrough: Tutorial: Send data to Azure Monitor Logs with Logs ingestion API.
using LogAnalytics.Client;
var logger = new LogAnalyticsClient(
workspaceId: "your-workspace-id",
sharedKey: "your-shared-key");
await logger.SendLogEntry(new MyEntity
{
Message = "Hello",
Severity = "Info"
}, "MyCustomLog");using Azure.Identity;
using Azure.Monitor.Ingestion;
var endpoint = new Uri("https://<your-dce>.ingest.monitor.azure.com");
var client = new LogsIngestionClient(endpoint, new DefaultAzureCredential());
var entries = new[]
{
new { TimeGenerated = DateTime.UtcNow, Message = "Hello", Severity = "Info" }
};
await client.UploadAsync(
ruleId: "<dcr-immutable-id>",
streamName: "Custom-MyCustomLog",
entries);dotnet add package Azure.Monitor.Ingestion
dotnet add package Azure.Identity