Roman Marusyk's Blog

Deleting Azure Application Insights telemetry

Deleting Azure Application Insights telemetry

Roman Marusyk's photo
Roman Marusyk
·

3 min read

There are 3 options if you want to delete the data captured by Application Insights

1. Delete Application Insights instance

The easiest one, but sometimes it isn't what we want. What if we need to delete some data collected by Application Insights before yesterday, or delete only all exceptions, some traces, etc - this option will not work.

We will also need to re-configure our app with a new Instrumentation Key after re-creating the new instance.

2. Data retention policy

This option deletes all data over a defined time period. The default duration of data retention is 90 days, the minimum value is 30 days. So, you need to wait at least 30 days.

Image description

The Application Insights is billed according to the amount of storage in GB you consume. In case when our application has generated a large amount of unnecessary data, and we need to remove it asap - the Purge API is coming.

3. Purge API

With Purge REST API you can delete the data from the Application Insights instance by applying a set of user-defined filters.

Let's use Postman to make a purge request.

But first, you need to authenticate by using the Azure Active Directory. To do that, you need to register an application:

Register an application

2022-09-30_02-43s.png

When the app is created, copy the Application (client) ID:

2022-09-30_02-46.png

Then, create a secret key for the application registration:

2022-09-30_02-50.png

The next step is assigning a role to your app to access the Application Insights instance. Note that the role must be Data Purger.

2022-09-30_02-57.png

After that, the setup for authorization is finished.

Authorize

Now, let's use Postman to obtain a JWT token.

2022-09-30_03-21.png

Where:

  • Type is OAuth 2.0
  • Grant Type is Client Credentials
  • Access Token URL is set to https://login.microsoftonline.com/6047fb61-62f7-4944-803a-4fa1b0ca42ee/oauth2/v2.0/token, here the 6047fb61-62f7-4944-803a-4fa1b0ca42ee is my TenatId from Azure AD
  • Client ID is your Application (client) ID from Azure AD
  • Client Secret is a secret key for the application registration
  • Scope is set to https://management.core.windows.net/.default

Press Get New Access Token and if the authorization process is completed, use the token for the next Purge request.

Purge API

Use the following URL with your params:

https://management.azure.com/subscriptions/:subscriptionId/resourceGroups/:resourseGroupName/providers/Microsoft.Insights/components/:appInsightsInstance/purge?api-version=2015-05-01

2022-09-30_03-38.png

Let's say we want to delete all exceptions after 2022-09-20. To the request add the body below:

{
  "table": "exceptions",
  "filters": [
     {
         "column": "timestamp",
         "operator": ">",
         "value": "2022-09-20T00:00:00"
     }
  ]
}

2022-09-30_03-41.png

All available tables (including their schema) for Application Insight are on the Logs page:

2022-09-30_04-00.png

Don't forget to add a JWT token on the Authorization tab as a Bearer Token.

When the API is called, a purge task is started and you will receive its Id:

{
    "operationId": "purge-048ccace-a6a0-41b9-80e3-fbc11a5bdd64"
}

A purge task of Application Insights data is not immediately executed. It may take up to 72 hours for the operation to complete.

An event will be recorded in the Activity Log with details about the operation.

You can check the status of the task by sending a GET request as follows:

https://management.azure.com/subscriptions/:subscriptionId/resourceGroups/resourseGroupName/providers/Microsoft.Insights/components/:appInsightsInstance/operations/purge-048ccace-a6a0-41b9-80e3-fbc11a5bdd64?api-version=2015-05-01

As you can see, initially the status of the ongoing purge operation is pending:

{
    "status": "pending"
}
AzureAzure Application InsightsPostman