az monitor data-collection rule
Note
This reference is part of the monitor-control-service extension for the Azure CLI (version 2.55.0 or higher). The extension will automatically install the first time you run an az monitor data-collection rule command. Learn more about extensions.
Manage data collection rule for monitor control service.
Commands
| Name | Description | Type | Status |
|---|---|---|---|
| az monitor data-collection rule association |
Manage data collection rule association for monitor control service. |
Extension | GA |
| az monitor data-collection rule association create |
Create an association. |
Extension | GA |
| az monitor data-collection rule association delete |
Delete an association. |
Extension | GA |
| az monitor data-collection rule association list |
Lists associations for the specified data collection rule. And Lists associations for the specified data collection endpoint. And Lists associations for the specified resource. |
Extension | GA |
| az monitor data-collection rule association list-by-resource |
List associations for the specified resource. |
Extension | GA |
| az monitor data-collection rule association show |
Get the specified association. |
Extension | GA |
| az monitor data-collection rule association update |
Update an association. |
Extension | GA |
| az monitor data-collection rule create |
Create a data collection rule. |
Extension | GA |
| az monitor data-collection rule data-flow |
Manage data flows. |
Extension | GA |
| az monitor data-collection rule data-flow add |
Add a data flow. |
Extension | GA |
| az monitor data-collection rule data-flow list |
List data flows. |
Extension | GA |
| az monitor data-collection rule delete |
Delete a data collection rule. |
Extension | GA |
| az monitor data-collection rule list |
List all data collection rules in the specified resource group. And Lists all data collection rules in the specified subscription. |
Extension | GA |
| az monitor data-collection rule log-analytics |
Manage Log Analytics destinations. |
Extension | GA |
| az monitor data-collection rule log-analytics add |
Add Log Analytics destinations of a data collection rule. |
Extension | GA |
| az monitor data-collection rule log-analytics delete |
Delete a Log Analytics destinations of a data collection rule. |
Extension | GA |
| az monitor data-collection rule log-analytics list |
List Log Analytics destinations of a data collection rule. |
Extension | GA |
| az monitor data-collection rule log-analytics show |
Show a Log Analytics destination of a data collection rule. |
Extension | GA |
| az monitor data-collection rule log-analytics update |
Update a Log Analytics destination of a data collection rule. |
Extension | GA |
| az monitor data-collection rule performance-counter |
Manage Log performance counter data source. |
Extension | GA |
| az monitor data-collection rule performance-counter add |
Add a Log performance counter data source. |
Extension | GA |
| az monitor data-collection rule performance-counter delete |
Delete a Log performance counter data source. |
Extension | GA |
| az monitor data-collection rule performance-counter list |
List Log performance counter data sources. |
Extension | GA |
| az monitor data-collection rule performance-counter show |
Show a Log performance counter data source. |
Extension | GA |
| az monitor data-collection rule performance-counter update |
Update a Log performance counter data source. |
Extension | GA |
| az monitor data-collection rule show |
Return the specified data collection rule. |
Extension | GA |
| az monitor data-collection rule syslog |
Manage Syslog data source. |
Extension | GA |
| az monitor data-collection rule syslog add |
Add a Syslog data source. |
Extension | GA |
| az monitor data-collection rule syslog delete |
Delete a Syslog data source. |
Extension | GA |
| az monitor data-collection rule syslog list |
List Syslog data sources. |
Extension | GA |
| az monitor data-collection rule syslog show |
Show a Syslog data source. |
Extension | GA |
| az monitor data-collection rule syslog update |
Update a Syslog data source. |
Extension | GA |
| az monitor data-collection rule update |
Update a data collection rule. |
Extension | GA |
| az monitor data-collection rule windows-event-log |
Manage Windows Event Log data source. |
Extension | GA |
| az monitor data-collection rule windows-event-log add |
Add a Windows Event Log data source. |
Extension | GA |
| az monitor data-collection rule windows-event-log delete |
Delete a Windows Event Log data source. |
Extension | GA |
| az monitor data-collection rule windows-event-log list |
List Windows Event Log data sources. |
Extension | GA |
| az monitor data-collection rule windows-event-log show |
Show a Windows Event Log data source. |
Extension | GA |
| az monitor data-collection rule windows-event-log update |
Update a Windows Event Log data source. |
Extension | GA |
az monitor data-collection rule create
Create a data collection rule.
az monitor data-collection rule create --data-collection-rule-name
--resource-group
[--data-collection-endpoint-id]
[--data-flows]
[--data-sources]
[--description]
[--destinations]
[--identity]
[--kind {Linux, Windows}]
[--location]
[--rule-file]
[--stream-declarations]
[--tags]Examples
Create data collection rule
az monitor data-collection rule create --resource-group "myResourceGroup" --location "eastus" --name "myCollectionRule" --rule-file "C:\samples\dcrEx1.json"Required Parameters
The name of the data collection rule. The name is case insensitive.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Optional Parameters
The resource ID of the data collection endpoint that is to be associated.
The specification of data flows. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
The specification of data sources. This property is optional and can be omitted if the rule is meant to be used via direct calls to the provisioned endpoint. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
Description of the association.
The specification of destinations. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
Managed service identity of the resource. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
The kind of the resource.
The geo-location where the resource lives.
The json file for rule parameters. If provided, corresponding parameter will be overwrited by value from rule file Usage: --rule-file sample.json rule json file should be rule parameters organized as json format, like below: { "properties": { "destinations": { "azureMonitorMetrics": { "name": "azureMonitorMetrics-default" } }, "dataFlows": [ { "streams": [ "Microsoft-InsightsMetrics" ], "destinations": [ "azureMonitorMetrics-default" ] } ] } }.
Declaration of custom streams used in this rule. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
Resource tags. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az monitor data-collection rule delete
Delete a data collection rule.
az monitor data-collection rule delete [--data-collection-rule-name]
[--ids]
[--resource-group]
[--subscription]
[--yes]Examples
Delete data collection rule
az monitor data-collection rule delete --name "myCollectionRule" --resource-group "myResourceGroup"Optional Parameters
The name of the data collection rule. The name is case insensitive.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Do not prompt for confirmation.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az monitor data-collection rule list
List all data collection rules in the specified resource group. And Lists all data collection rules in the specified subscription.
az monitor data-collection rule list [--max-items]
[--next-token]
[--resource-group]Examples
List data collection rules by resource group
az monitor data-collection rule list --resource-group "myResourceGroup"List data collection rules by subscription
az monitor data-collection rule listOptional Parameters
Total number of items to return in the command's output. If the total number of items available is more than the value specified, a token is provided in the command's output. To resume pagination, provide the token value in --next-token argument of a subsequent command.
Token to specify where to start paginating. This is the token value from a previously truncated response.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az monitor data-collection rule show
Return the specified data collection rule.
az monitor data-collection rule show [--data-collection-rule-name]
[--ids]
[--resource-group]
[--subscription]Examples
Get data collection rule
az monitor data-collection rule show --name "myCollectionRule" --resource-group "myResourceGroup"Optional Parameters
The name of the data collection rule. The name is case insensitive.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az monitor data-collection rule update
Update a data collection rule.
az monitor data-collection rule update [--add]
[--data-collection-endpoint-id]
[--data-collection-rule-name]
[--data-flows]
[--data-flows-raw]
[--data-sources]
[--description]
[--destinations]
[--extensions]
[--force-string {0, 1, f, false, n, no, t, true, y, yes}]
[--identity]
[--ids]
[--kind {Linux, Windows}]
[--log-analytics]
[--monitor-metrics]
[--performance-counters]
[--remove]
[--resource-group]
[--set]
[--stream-declarations]
[--subscription]
[--syslog]
[--tags]
[--windows-event-logs]Optional Parameters
Add an object to a list of objects by specifying a path and key value pairs. Example: --add property.listProperty <key=value, string or JSON string>.
The resource ID of the data collection endpoint that is to be associated.
The name of the data collection rule. The name is case insensitive.
The specification of data flows. Usage: --data-flows streams=XX1 streams=XX2 destinations=XX1 destinations=XX2 streams: Required. List of streams for this data flow. destinations: Required. List of destinations for this data flow. Multiple actions can be specified by using more than one --data-flows argument. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
The specification of data flows. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
The specification of data sources. This property is optional and can be omitted if the rule is meant to be used via direct calls to the provisioned endpoint. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
Description of the association.
The specification of destinations. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
The list of Azure VM extension data source configurations. Expected value: json-string/@json-file.
When using 'set' or 'add', preserve string literals instead of attempting to convert to JSON.
Managed service identity of the resource. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
The kind of the resource.
List of Log Analytics destinations. Usage: --log-analytics resource-id=XX name=XX resource-id: Required. The resource ID of the Log Analytics workspace. name: Required. A friendly name for the destination. This name should be unique across all destinations (regardless of type) within the data collection rule. Multiple actions can be specified by using more than one --log-analytics argument. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
Azure Monitor Metrics destination. Usage: --monitor-metrics name=XX name: Required. A friendly name for the destination. This name should be unique across all destinations (regardless of type) within the data collection rule. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
The list of performance counter data source configurations. Usage: --performance-counters streams=XX1 streams=XX2 sampling-frequency=XX counter-specifiers=XX1 counter-specifiers=XX2 name=XX streams: Required. List of streams that this data source will be sent to. A stream indicates what schema will be used for this data and usually what table in Log Analytics the data will be sent to. sampling-frequency: Required. The number of seconds between consecutive counter measurements(samples). counter-specifiers: Required. A list of specifier names of the performance counters you want to collect. Use a wildcard (*) to collect a counter for all instances. To get a list of performance counters on Windows, run the command 'typeperf'. name: Required. A friendly name for the data source. This name should be unique across all data sources (regardless of type) within the data collection rule. Multiple actions can be specified by using more than one --performance-counters argument. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
Remove a property or an element from a list. Example: --remove property.list OR --remove propertyToRemove.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Update an object by specifying a property path and value to set. Example: --set property1.property2=.
Declaration of custom streams used in this rule. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
The list of Syslog data source configurations. Usage: --syslog streams=XX1 streams=XX2 facility-names=XX1 facility-names=XX2 log-levels=XX1 log-levels=XX2 name=XX streams: Required. List of streams that this data source will be sent to. A stream indicates what schema will be used for this data and usually what table in Log Analytics the data will be sent to. facility-names: Required. The list of facility names. log-levels: The log levels to collect. name: Required. A friendly name for the data source. This name should be unique across all data sources (regardless of type) within the data collection rule. Multiple actions can be specified by using more than one --syslog argument. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
Resource tags. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
The list of Windows Event Log data source configurations. Usage: --windows-event-logs streams=XX1 streams=XX2 x-path-queries=XX1 x-path-queries=XX2 name=XX streams: Required. List of streams that this data source will be sent to. A stream indicates what schema will be used for this data and usually what table in Log Analytics the data will be sent to. x-path-queries: Required. A list of Windows Event Log queries in XPATH format. name: Required. A friendly name for the data source. This name should be unique across all data sources (regardless of type) within the data collection rule. Multiple actions can be specified by using more than one --windows-event-logs argument. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for