az monitor data-collection rule
Note
This reference is part of the monitor-control-service extension for the Azure CLI (version 2.15.0 or higher). The extension will automatically install the first time you run an az monitor data-collection rule command. Learn more about extensions.
Manage data collection rule for monitor control service.
Commands
| Name | Description | Type | Status |
|---|---|---|---|
| az monitor data-collection rule association |
Manage data collection rule association for monitor control service. |
Extension | GA |
| az monitor data-collection rule association create |
Create an association. |
Extension | GA |
| az monitor data-collection rule association delete |
Delete an association. |
Extension | GA |
| az monitor data-collection rule association list |
List associations for the specified data collection rule. And Lists associations for the specified resource. |
Extension | GA |
| az monitor data-collection rule association show |
Return the specified association. |
Extension | GA |
| az monitor data-collection rule association update |
Update an association. |
Extension | GA |
| az monitor data-collection rule create |
Create a data collection rule. |
Extension | GA |
| az monitor data-collection rule data-flow |
Manage data flows. |
Extension | GA |
| az monitor data-collection rule data-flow add |
Add a data flow. |
Extension | GA |
| az monitor data-collection rule data-flow list |
List data flows. |
Extension | GA |
| az monitor data-collection rule delete |
Deletes a data collection rule. |
Extension | GA |
| az monitor data-collection rule list |
List all data collection rules in the specified resource group. And Lists all data collection rules in the specified subscription. |
Extension | GA |
| az monitor data-collection rule log-analytics |
Manage Log Analytics destinations. |
Extension | GA |
| az monitor data-collection rule log-analytics add |
Add Log Analytics destinations of a data collection rule. |
Extension | GA |
| az monitor data-collection rule log-analytics delete |
Delete a Log Analytics destinations of a data collection rule. |
Extension | GA |
| az monitor data-collection rule log-analytics list |
List Log Analytics destinations of a data collection rule. |
Extension | GA |
| az monitor data-collection rule log-analytics show |
Show a Log Analytics destination of a data collection rule. |
Extension | GA |
| az monitor data-collection rule log-analytics update |
Update a Log Analytics destination of a data collection rule. |
Extension | GA |
| az monitor data-collection rule performance-counter |
Manage Log performance counter data source. |
Extension | GA |
| az monitor data-collection rule performance-counter add |
Add a Log performance counter data source. |
Extension | GA |
| az monitor data-collection rule performance-counter delete |
Delete a Log performance counter data source. |
Extension | GA |
| az monitor data-collection rule performance-counter list |
List Log performance counter data sources. |
Extension | GA |
| az monitor data-collection rule performance-counter show |
Show a Log performance counter data source. |
Extension | GA |
| az monitor data-collection rule performance-counter update |
Update a Log performance counter data source. |
Extension | GA |
| az monitor data-collection rule show |
Return the specified data collection rule. |
Extension | GA |
| az monitor data-collection rule syslog |
Manage Syslog data source. |
Extension | GA |
| az monitor data-collection rule syslog add |
Add a Syslog data source. |
Extension | GA |
| az monitor data-collection rule syslog delete |
Delete a Syslog data source. |
Extension | GA |
| az monitor data-collection rule syslog list |
List Syslog data sources. |
Extension | GA |
| az monitor data-collection rule syslog show |
Show a Syslog data source. |
Extension | GA |
| az monitor data-collection rule syslog update |
Update a Syslog data source. |
Extension | GA |
| az monitor data-collection rule update |
Update a data collection rule. |
Extension | GA |
| az monitor data-collection rule windows-event-log |
Manage Windows Event Log data source. |
Extension | GA |
| az monitor data-collection rule windows-event-log add |
Add a Windows Event Log data source. |
Extension | GA |
| az monitor data-collection rule windows-event-log delete |
Delete a Windows Event Log data source. |
Extension | GA |
| az monitor data-collection rule windows-event-log list |
List Windows Event Log data sources. |
Extension | GA |
| az monitor data-collection rule windows-event-log show |
Show a Windows Event Log data source. |
Extension | GA |
| az monitor data-collection rule windows-event-log update |
Update a Windows Event Log data source. |
Extension | GA |
az monitor data-collection rule create
Create a data collection rule.
az monitor data-collection rule create --name
--resource-group
--rule-file
[--description]
[--location]
[--tags]Examples
Create data collection rule
az monitor data-collection rule create --resource-group "myResourceGroup" --location "eastus" --name "myCollectionRule" --rule-file "C:\samples\dcrEx1.json"Required Parameters
The name of the data collection rule. The name is case insensitive.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
The json file for rule parameters.
Optional Parameters
Description of the data collection rule.
Location. Values from: az account list-locations. You can configure the default location using az configure --defaults location=<location>.
Space-separated tags: key[=value] [key[=value] ...]. Use "" to clear existing tags.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az monitor data-collection rule delete
Deletes a data collection rule.
az monitor data-collection rule delete [--ids]
[--name]
[--resource-group]
[--subscription]
[--yes]Examples
Delete data collection rule
az monitor data-collection rule delete --name "myCollectionRule" --resource-group "myResourceGroup"Optional Parameters
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
The name of the data collection rule. The name is case insensitive.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Do not prompt for confirmation.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az monitor data-collection rule list
List all data collection rules in the specified resource group. And Lists all data collection rules in the specified subscription.
az monitor data-collection rule list [--resource-group]Examples
List data collection rules by resource group
az monitor data-collection rule list --resource-group "myResourceGroup"List data collection rules by subscription
az monitor data-collection rule listOptional Parameters
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az monitor data-collection rule show
Return the specified data collection rule.
az monitor data-collection rule show [--ids]
[--name]
[--resource-group]
[--subscription]Examples
Get data collection rule
az monitor data-collection rule show --name "myCollectionRule" --resource-group "myResourceGroup"Optional Parameters
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
The name of the data collection rule. The name is case insensitive.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az monitor data-collection rule update
Update a data collection rule.
az monitor data-collection rule update [--data-flows]
[--description]
[--extensions]
[--ids]
[--log-analytics]
[--monitor-metrics]
[--name]
[--performance-counters]
[--resource-group]
[--subscription]
[--syslog]
[--tags]
[--windows-event-logs]Examples
Update data collection rule
az monitor data-collection rule update --resource-group "myResourceGroup" --name "myCollectionRule" --data-flows destinations="centralWorkspace" streams="Microsoft-Perf" streams="Microsoft-Syslog" streams="Microsoft-WindowsEvent" --log-analytics name="centralWorkspace" resource-id="/subscriptions/703362b3-f278-4e4b-9179-c76eaf41ffc2/resourceGroups/myResourceGroup/providers/Microsoft.OperationalInsights/workspaces/centralTeamWorkspace" --performance-counters name="appTeamExtraCounters" counter-specifiers="\\Process(_Total)\\Thread Count" sampling-frequency=30 streams="Microsoft-Perf" --syslog name="cronSyslog" facility-names="cron" log-levels="Debug" log-levels="Critical" log-levels="Emergency" streams="Microsoft-Syslog" --windows-event-logs name="cloudSecurityTeamEvents" streams="Microsoft-WindowsEvent" x-path-queries="Security!"Optional Parameters
The specification of data flows.
Description of the data collection rule.
The list of Azure VM extension data source configurations. Expected value: json-string/@json-file.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
List of Log Analytics destinations.
Azure Monitor Metrics destination.
The name of the data collection rule. The name is case insensitive.
The list of performance counter data source configurations.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
The list of Syslog data source configurations.
Space-separated tags: key[=value] [key[=value] ...]. Use "" to clear existing tags.
The list of Windows Event Log data source configurations.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
Feedback
Submit and view feedback for