Share via


az security alert

View security alerts.

Commands

Name Description Type Status
az security alert list

List security alerts.

Core GA
az security alert show

Shows a security alert.

Core GA
az security alert update

Updates a security alert status.

Core GA

az security alert list

List security alerts.

az security alert list [--location]
                       [--resource-group]

Examples

Get security alerts on a subscription scope.

az security alert list

Get security alerts on a resource group scope.

az security alert list -g "myRg"

Optional Parameters

--location -l

Location of the resource.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az security alert show

Shows a security alert.

az security alert show --location
                       --name
                       [--resource-group]

Examples

Get a security alert on a subscription scope.

az security alert show --location "centralus" -n "alertName"

Get a security alert on a resource group scope.

az security alert show -g "myRg" --location "centralus" -n "alertName"

Required Parameters

--location -l

Location of the resource.

--name -n

Name of the resource to be fetched.

Optional Parameters

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az security alert update

Updates a security alert status.

az security alert update --location
                         --name
                         --status
                         [--resource-group]

Examples

Dismiss a security alert on a subscription scope.

az security alert update --location "centralus" -n "alertName" --status "dismiss"

Dismiss a security alert on a resource group scope.

az security alert update -g "myRg" --location "centralus" -n "alertName" --status "dismiss"

Activate a security alert on a subscritpion scope.

az security alert update --location "centralus" -n "alertName" --status "activate"

Activate a security alert on a resource group scope.

az security alert update -g "myRg" --location "centralus" -n "alertName" --status "activate"

Resolve a security alert on a subscritpion scope.

az security alert update --location "centralus" -n "alertName" --status "resolve"

Resolve a security alert on a resource group scope.

az security alert update -g "myRg" --location "centralus" -n "alertName" --status "resolve"

Change security alert status to "InProgress" on a subscritpion scope.

az security alert update --location "centralus" -n "alertName" --status "inprogress"

Change security alert status to "InProgress" on a resource group scope.

az security alert update -g "myRg" --location "centralus" -n "alertName" --status "inprogress"

Required Parameters

--location -l

Location of the resource.

--name -n

Name of the resource to be fetched.

--status

Target status of the alert. possible values are "dismiss", "activate", "resolve" and "inprogress".

Optional Parameters

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Global Parameters
--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

Accepted values: json, jsonc, none, table, tsv, yaml, yamlc
Default value: json
--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.