az monitor activity-log
Manage activity logs.
Commands
az monitor activity-log alert |
Manage activity log alerts. |
az monitor activity-log alert action-group |
Manage action groups for activity log alerts. |
az monitor activity-log alert action-group add |
Add action groups to this activity log alert. It can also be used to overwrite existing webhook properties of particular action groups. |
az monitor activity-log alert action-group remove |
Remove action groups from this activity log alert. |
az monitor activity-log alert create |
Create a default activity log alert. |
az monitor activity-log alert delete |
Delete an activity log alert. |
az monitor activity-log alert list |
List activity log alerts under a resource group or the current subscription. |
az monitor activity-log alert scope |
Manage scopes for activity log alerts. |
az monitor activity-log alert scope add |
Add scopes to this activity log alert. |
az monitor activity-log alert scope remove |
Removes scopes from this activity log alert. |
az monitor activity-log alert show |
Get an activity log alert. |
az monitor activity-log alert update |
Update the details of this activity log alert. |
az monitor activity-log list |
List and query activity log events. |
az monitor activity-log list-categories |
List the event categories of activity logs. |
az monitor activity-log list
List and query activity log events.
az monitor activity-log list [--caller]
[--correlation-id]
[--end-time]
[--max-events]
[--namespace]
[--offset]
[--resource-group]
[--resource-id]
[--select {authorization, caller, category, claims, correlationId, description, eventDataId, eventName, eventTimestamp, httpRequest, id, level, operationId, operationName, properties, resourceGroupName, resourceId, resourceProviderName, resourceType, status, subStatus, submissionTimestamp, subscriptionId, tenantId}]
[--start-time]
[--status]
Examples
List all events from July 1st, looking forward one week.
az monitor activity-log list --start-time 2018-07-01 --offset 7d
List events within the past six hours based on a correlation ID.
az monitor activity-log list --correlation-id b5eac9d2-e829-4c9a-9efb-586d19417c5f
List events within the past hour based on resource group.
az monitor activity-log list -g {ResourceGroup} --offset 1h
Optional Parameters
Caller to query for, such as an e-mail address or service principal ID.
Correlation ID to query.
End time of the query. Defaults to the current time. Format: date (yyyy-mm-dd) time (hh:mm:ss.xxxxx) timezone (+/-hh:mm).
Maximum number of records to return.
Resource provider namespace.
Time offset of the query range, in ##d##h format.
Name of resource group. You can configure the default group using az configure --defaults group=<name>
.
ARM ID of a resource.
Space-separated list of properties to return.
Start time of the query. Format: date (yyyy-mm-dd) time (hh:mm:ss.xxxxx) timezone (+/-hh:mm).
Status to query for (ex: Failed).
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.
az monitor activity-log list-categories
List the event categories of activity logs.
az monitor activity-log list-categories
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.
Feedback
Submit and view feedback for