az sentinel automation-rule
Note
This reference is part of the sentinel extension for the Azure CLI (version 2.37.0 or higher). The extension will automatically install the first time you run an az sentinel automation-rule command. Learn more about extensions.
Manage automation rule with sentinel.
Commands
| Name | Description | Type | Status |
|---|---|---|---|
| az sentinel automation-rule create |
Create the automation rule. |
Extension | Experimental |
| az sentinel automation-rule delete |
Delete the automation rule. |
Extension | Experimental |
| az sentinel automation-rule list |
Get all automation rules. |
Extension | Experimental |
| az sentinel automation-rule show |
Get the automation rule. |
Extension | Experimental |
| az sentinel automation-rule update |
Update the automation rule. |
Extension | Experimental |
az sentinel automation-rule create
This command is experimental and under development. Reference and support levels: https://aka.ms/CLI_refstatus
Create the automation rule.
az sentinel automation-rule create --automation-rule-name --name
--resource-group
--workspace-name
[--actions]
[--display-name]
[--etag]
[--order]
[--triggering-logic]Required Parameters
Name of automation rule.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
The name of the workspace.
Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
The actions to execute when the automation rule is triggered. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
| Property | Value |
|---|---|
| Parameter group: | Properties Arguments |
The display name of the automation rule.
| Property | Value |
|---|---|
| Parameter group: | Properties Arguments |
Etag of the azure resource.
| Property | Value |
|---|---|
| Parameter group: | AutomationRuleToUpsert Arguments |
The order of execution of the automation rule.
| Property | Value |
|---|---|
| Parameter group: | Properties Arguments |
Describes automation rule triggering logic. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
| Property | Value |
|---|---|
| Parameter group: | Properties Arguments |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az sentinel automation-rule delete
This command is experimental and under development. Reference and support levels: https://aka.ms/CLI_refstatus
Delete the automation rule.
az sentinel automation-rule delete [--automation-rule-name --name]
[--ids]
[--resource-group]
[--subscription]
[--workspace-name]
[--yes]Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
Name of automation rule.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
The name of the workspace.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Do not prompt for confirmation.
| Property | Value |
|---|---|
| Default value: | False |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az sentinel automation-rule list
This command is experimental and under development. Reference and support levels: https://aka.ms/CLI_refstatus
Get all automation rules.
az sentinel automation-rule list --resource-group
--workspace-nameRequired Parameters
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
The name of the workspace.
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az sentinel automation-rule show
This command is experimental and under development. Reference and support levels: https://aka.ms/CLI_refstatus
Get the automation rule.
az sentinel automation-rule show [--automation-rule-name --name]
[--ids]
[--resource-group]
[--subscription]
[--workspace-name]Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
Name of automation rule.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
The name of the workspace.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az sentinel automation-rule update
This command is experimental and under development. Reference and support levels: https://aka.ms/CLI_refstatus
Update the automation rule.
az sentinel automation-rule update [--actions]
[--add]
[--automation-rule-name --name]
[--display-name]
[--etag]
[--force-string {0, 1, f, false, n, no, t, true, y, yes}]
[--ids]
[--order]
[--remove]
[--resource-group]
[--set]
[--subscription]
[--triggering-logic]
[--workspace-name]Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
The actions to execute when the automation rule is triggered. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
| Property | Value |
|---|---|
| Parameter group: | Properties Arguments |
Add an object to a list of objects by specifying a path and key value pairs. Example: --add property.listProperty <key=value, string or JSON string>.
| Property | Value |
|---|---|
| Parameter group: | Generic Update Arguments |
Name of automation rule.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
The display name of the automation rule.
| Property | Value |
|---|---|
| Parameter group: | Properties Arguments |
Etag of the azure resource.
| Property | Value |
|---|---|
| Parameter group: | AutomationRuleToUpsert Arguments |
When using 'set' or 'add', preserve string literals instead of attempting to convert to JSON.
| Property | Value |
|---|---|
| Parameter group: | Generic Update Arguments |
| Accepted values: | 0, 1, f, false, n, no, t, true, y, yes |
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
The order of execution of the automation rule.
| Property | Value |
|---|---|
| Parameter group: | Properties Arguments |
Remove a property or an element from a list. Example: --remove property.list <indexToRemove> OR --remove propertyToRemove.
| Property | Value |
|---|---|
| Parameter group: | Generic Update Arguments |
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Update an object by specifying a property path and value to set. Example: --set property1.property2=<value>.
| Property | Value |
|---|---|
| Parameter group: | Generic Update Arguments |
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Describes automation rule triggering logic. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
| Property | Value |
|---|---|
| Parameter group: | Properties Arguments |
The name of the workspace.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
