Slide 6 of 10

Azure logs - Functions

How it works

Azure logs Functions architecture: Diagnostic Settings to Event Hub to Azure Functions to Grafana Cloud Loki

Complexity: Simple | Infrastructure: Serverless | Latency: Event-driven

Trade-offs

ProsCons
Serverless, event-drivenFunction execution costs
Scales automaticallyEvent Hub costs
Native Azure integrationLimited vs Alloy processing
Near real-time10 min timeout limit

When to use

  • Event-driven log collection
  • Serverless architecture
  • Azure-native teams

Documentation

View the full documentation. Learning path coming soon!

Azure Functions logs

Script

Moving to Azure. The serverless approach here uses Azure Functions with Event Hub.

Here’s the flow: you configure diagnostic settings on your Azure resources to stream logs to an Event Hub. Then an Azure Function triggers when logs arrive in that Event Hub and forwards them to Loki.

It’s serverless end-to-end. No VMs, no containers. Azure handles scaling, retries, everything.

The costs come from Event Hub throughput units and Function executions, so plan accordingly for high-volume scenarios.

Compared to Alloy, you get less processing flexibility. Functions can transform logs, but not as powerfully. But if your team is already invested in Azure serverless, this approach fits naturally into your operational model.

/
Previous Next