az monitor log-analytics query-pack query

Command group 'az monitor log-analytics query-pack' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus

Manage the query of log analytics query pack.

Commands

Name	Description	Type	Status
az monitor log-analytics query-pack query create	Create a specific query within a log analytics query pack.	Core	Preview
az monitor log-analytics query-pack query delete	Delete a specific query defined within a log analytics query pack.	Core	Preview
az monitor log-analytics query-pack query list	List queries defined within a log analytics query pack.	Core	Preview
az monitor log-analytics query-pack query search	Search a list of queries defined within a log analytics query pack according to given search properties.	Core	Preview
az monitor log-analytics query-pack query show	Show a specific query defined within a log analytics query pack.	Core	Preview
az monitor log-analytics query-pack query update	Update a specific query within a log analytics query pack.	Core	Preview

az monitor log-analytics query-pack query create

Preview

Command group 'az monitor log-analytics query-pack query' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus

Create a specific query within a log analytics query pack.

az monitor log-analytics query-pack query create --body
                                                 --display-name
                                                 --name
                                                 --query-pack-name
                                                 --resource-group
                                                 [--categories]
                                                 [--description]
                                                 [--resource-types]
                                                 [--solutions]
                                                 [--tags]

Examples

Create a query in a query pack

az monitor log-analytics query-pack query create --query-id 112c6b1f-5a86-4f01-a2d7-efb8e31f930f --display-name queryName -g resourceGroupName  --query-pack-name queryPackName --body "heartbeat | take 10" --description "some description" --categories "[network,monitor]" --resource-types "[microsoft.network/loadbalancers,microsoft.insights/autoscalesettings]" --solutions "[networkmonitoring]" --tags "{version:[v2022-01-01,v2021-12-01]}"

Required Parameters

--body

Content of the query.

--display-name

Unique display name for your query within the query pack.

--name --query-id -n

The id name of a specific query defined in the log analytics query pack. It must be of type GUID.

--query-pack-name

The name of the log analytics query pack.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--categories

The related categories for the function. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

--description

Description of the query.

--resource-types

The related resource types for the function. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

--solutions

The related Log Analytics solutions for the function. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

--tags

Tags associated with the query. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

Global Parameters

--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

accepted values: json, jsonc, none, table, tsv, yaml, yamlc

default value: json

--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az monitor log-analytics query-pack query delete

Preview

Command group 'az monitor log-analytics query-pack query' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus

Delete a specific query defined within a log analytics query pack.

az monitor log-analytics query-pack query delete [--ids]
                                                 [--name]
                                                 [--query-pack-name]
                                                 [--resource-group]
                                                 [--subscription]
                                                 [--yes]

Examples

Delete a query in a query pack

az monitor log-analytics query-pack query delete --query-id 112c6b1f-5a86-4f01-a2d7-efb8e31f930f -g resourceGroup --query-pack-name queryPackName

Optional Parameters

--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

--name --query-id -n

The id name of a specific query defined in the log analytics query pack. It must be of type GUID.

--query-pack-name

The name of the log analytics query pack.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--yes -y

Do not prompt for confirmation.

default value: False

Global Parameters

--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

accepted values: json, jsonc, none, table, tsv, yaml, yamlc

default value: json

--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az monitor log-analytics query-pack query list

Preview

Command group 'az monitor log-analytics query-pack query' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus

List queries defined within a log analytics query pack.

az monitor log-analytics query-pack query list --query-pack-name
                                               --resource-group
                                               [--include-body {0, 1, f, false, n, no, t, true, y, yes}]

Examples

List queries in a query pack

az monitor log-analytics query-pack query list -g resourceGroupName --query-pack-name queryPackName

List queries in a query pack without query body content

az monitor log-analytics query-pack query list -g resourceGroupName --query-pack-name queryPackName --include-body false

Required Parameters

--query-pack-name

The name of the log analytics query pack.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--include-body

Whether or not to return the body of each applicable query. If false, only return the query information. Default: true.

accepted values: 0, 1, f, false, n, no, t, true, y, yes

Global Parameters

--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

accepted values: json, jsonc, none, table, tsv, yaml, yamlc

default value: json

--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az monitor log-analytics query-pack query search

Preview

Command group 'az monitor log-analytics query-pack query' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus

Search a list of queries defined within a log analytics query pack according to given search properties.

az monitor log-analytics query-pack query search [--categories]
                                                 [--ids]
                                                 [--include-body {0, 1, f, false, n, no, t, true, y, yes}]
                                                 [--query-pack-name]
                                                 [--resource-group]
                                                 [--resource-types]
                                                 [--solutions]
                                                 [--subscription]
                                                 [--tags]

Examples

Search queries in a query pack

az monitor log-analytics query-pack query search -g resourceGroupName --query-pack-name queryPackName --categories network --resource-types microsoft.insights/autoscalesettings --solutions networkmonitoring --tags version="[v2021-12-01]"

Search queries in a query pack without query body content

az monitor log-analytics query-pack query search -g resourceGroupName --query-pack-name queryPackName --categories network --resource-types microsoft.insights/autoscalesettings --solutions networkmonitoring --tags version="[v2021-12-01]" --include-body false

Optional Parameters

--categories

The related categories for the function. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

--include-body

Whether or not to return the body of each applicable query. If false, only return the query information. Default: true.

accepted values: 0, 1, f, false, n, no, t, true, y, yes

--query-pack-name

The name of the log analytics query pack.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--resource-types

The related resource types for the function. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

--solutions

The related Log Analytics solutions for the function. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--tags

Tags associated with the query. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

Global Parameters

--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

accepted values: json, jsonc, none, table, tsv, yaml, yamlc

default value: json

--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az monitor log-analytics query-pack query show

Preview

Command group 'az monitor log-analytics query-pack query' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus

Show a specific query defined within a log analytics query pack.

az monitor log-analytics query-pack query show [--ids]
                                               [--name]
                                               [--query-pack-name]
                                               [--resource-group]
                                               [--subscription]

Examples

Show a query in a query pack

az monitor log-analytics query-pack query show --query-id 112c6b1f-5a86-4f01-a2d7-efb8e31f930f -g resourceGroup --query-pack-name queryPackName

Optional Parameters

--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

--name --query-id -n

The id name of a specific query defined in the log analytics query pack. It must be of type GUID.

--query-pack-name

The name of the log analytics query pack.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

Global Parameters

--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

accepted values: json, jsonc, none, table, tsv, yaml, yamlc

default value: json

--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az monitor log-analytics query-pack query update

Preview

Command group 'az monitor log-analytics query-pack query' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus

Update a specific query within a log analytics query pack.

az monitor log-analytics query-pack query update [--add]
                                                 [--body]
                                                 [--categories]
                                                 [--description]
                                                 [--display-name]
                                                 [--force-string {0, 1, f, false, n, no, t, true, y, yes}]
                                                 [--ids]
                                                 [--name]
                                                 [--query-pack-name]
                                                 [--remove]
                                                 [--resource-group]
                                                 [--resource-types]
                                                 [--set]
                                                 [--solutions]
                                                 [--subscription]
                                                 [--tags]

Examples

Update a query in a query pack

az monitor log-analytics query-pack query update --query-id 112c6b1f-5a86-4f01-a2d7-efb8e31f930f -g resourceGroup  --query-pack-name queryPackName --body "heartbeat | take 20" --categories [2]=databases --tags version[0]=null

Optional Parameters

--add

Add an object to a list of objects by specifying a path and key value pairs. Example: --add property.listProperty <key=value, string or JSON string>.

--body

Content of the query.

--categories

The related categories for the function. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

--description

Description of the query.

--display-name

Unique display name for your query within the query pack.

--force-string

When using 'set' or 'add', preserve string literals instead of attempting to convert to JSON.

accepted values: 0, 1, f, false, n, no, t, true, y, yes

--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

--name --query-id -n

The id name of a specific query defined in the log analytics query pack. It must be of type GUID.

--query-pack-name

The name of the log analytics query pack.

--remove

Remove a property or an element from a list. Example: --remove property.list OR --remove propertyToRemove.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--resource-types

The related resource types for the function. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

--set

Update an object by specifying a property path and value to set. Example: --set property1.property2=.

--solutions

The related Log Analytics solutions for the function. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--tags

Tags associated with the query. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

Global Parameters

--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

accepted values: json, jsonc, none, table, tsv, yaml, yamlc

default value: json

--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.