az monitor activity-log alert
Manage activity log alert rules.
Commands
Name | Description | Type | Status |
---|---|---|---|
az monitor activity-log alert action-group | Core | GA | |
az monitor activity-log alert action-group add |
Add action groups to this activity log alert rule. It can also be used to overwrite existing webhook properties of particular action groups. |
Core | GA |
az monitor activity-log alert action-group remove |
Remove action groups from this activity log alert rule. |
Core | GA |
az monitor activity-log alert create |
Create a default activity log alert rule. |
Core | GA |
az monitor activity-log alert delete |
Delete an activity log alert. |
Core | GA |
az monitor activity-log alert list |
List activity log alert rules under a resource group or the current subscription. |
Core | GA |
az monitor activity-log alert scope | Core | GA | |
az monitor activity-log alert scope add |
Add scopes to this activity log alert rule. |
Core | GA |
az monitor activity-log alert scope remove |
Removes scopes from this activity log alert rule. |
Core | GA |
az monitor activity-log alert show |
Get an activity log alert. |
Core | GA |
az monitor activity-log alert update |
Update a new activity log alert or update an existing one. |
Core | GA |
az monitor activity-log alert create
Create a default activity log alert rule.
This command will create a default activity log with one condition which compares if the activities logs 'category' field equals to 'ServiceHealth'. The newly created activity log alert does not have any action groups attached to it.
az monitor activity-log alert create --activity-log-alert-name
--resource-group
[--action-group]
[--all-of]
[--condition]
[--description]
[--disable {0, 1, f, false, n, no, t, true, y, yes}]
[--scope]
[--tags]
[--webhook-properties]
Examples
Create an alert rule with default settings.
az monitor activity-log alert create -n AlertName -g ResourceGroup
Create an alert rule with condition about error level service health log.
az monitor activity-log alert create -n AlertName -g ResourceGroup --condition category=ServiceHealth and level=Error
Create an alert rule with an action group and specify webhook properties.
az monitor activity-log alert create -n AlertName -g ResourceGroup -a /subscriptions/{SubID}/resourceGroups/{ResourceGroup}/providers/microsoft.insights/actionGroups/{ActionGroup} -w usage=test owner=jane
Create an alert rule which is initially disabled.
az monitor activity-log alert create -n AlertName -g ResourceGroup --disable
Required Parameters
The name of the activity log alert.
Name of resource group. You can configure the default group using az configure --defaults group=<name>
.
Optional Parameters
Add an action group. Accepts space-separated action group identifiers. The identifier can be the action group's name or its resource ID. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
The list of Activity Log Alert rule conditions. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
The condition that will cause the alert rule to activate. The format is FIELD=VALUE[ and FIELD=VALUE...] The possible values for the field are 'resourceId', 'category', 'caller', 'level', 'operationName', 'resourceGroup', 'resourceProvider', 'status', 'subStatus', 'resourceType', or anything beginning with 'properties'. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
A description of this Activity Log Alert rule.
Disable the activity log alert rule after it is created.
A list of strings that will be used as prefixes. The alert rule will only apply to activity logs with resourceIDs that fall under one of these prefixes. If not provided, the subscriptionId will be used. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
The tags of the resource. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
Space-separated webhook properties in 'key[=value]' format. These properties are associated with the action groups added in this command. For any webhook receiver in these action group, this data is appended to the webhook payload. To attach different webhook properties to different action groups, add the action groups in separate update-action commands. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.
az monitor activity-log alert delete
Delete an activity log alert.
az monitor activity-log alert delete [--activity-log-alert-name]
[--ids]
[--resource-group]
[--subscription]
Optional Parameters
The name of the activity log alert.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
Name of resource group. You can configure the default group using az configure --defaults group=<name>
.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.
az monitor activity-log alert list
List activity log alert rules under a resource group or the current subscription.
az monitor activity-log alert list [--resource-group]
Optional Parameters
Name of resource group. You can configure the default group using az configure --defaults group=<name>
.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.
az monitor activity-log alert show
Get an activity log alert.
az monitor activity-log alert show [--activity-log-alert-name]
[--ids]
[--resource-group]
[--subscription]
Optional Parameters
The name of the activity log alert.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
Name of resource group. You can configure the default group using az configure --defaults group=<name>
.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.
az monitor activity-log alert update
Update a new activity log alert or update an existing one.
az monitor activity-log alert update [--activity-log-alert-name]
[--add]
[--all-of]
[--condition]
[--description]
[--enabled {0, 1, f, false, n, no, t, true, y, yes}]
[--force-string {0, 1, f, false, n, no, t, true, y, yes}]
[--ids]
[--remove]
[--resource-group]
[--set]
[--subscription]
[--tags]
Examples
Update the condition
az monitor activity-log alert update -n AlertName -g ResourceGroup --condition category=ServiceHealth and level=Error
Disable an alert rule.
az monitor activity-log alert update -n AlertName -g ResourceGroup --enable false
Update the details of this activity log alert rule.
az monitor activity-log alert update --enabled true --name MyActivityLogAlerts --resource- group MyResourceGroup --subscription MySubscription
Update the details of this activity log alert.
az monitor activity-log alert update --name MyActivityLogAlerts --resource-group MyResourceGroup --tags key=value
Optional Parameters
The name of the activity log alert.
Add an object to a list of objects by specifying a path and key value pairs. Example: --add property.listProperty <key=value, string or JSON string>
.
The list of Activity Log Alert rule conditions. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
The condition that will cause the alert rule to activate. The format is FIELD=VALUE[ and FIELD=VALUE...] The possible values for the field are 'resourceId', 'category', 'caller', 'level', 'operationName', 'resourceGroup', 'resourceProvider', 'status', 'subStatus', 'resourceType', or anything beginning with 'properties'. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
A description of this Activity Log Alert rule.
Indicates whether this Activity Log Alert rule is enabled. If an Activity Log Alert rule is not enabled, then none of its actions will be activated.
When using 'set' or 'add', preserve string literals instead of attempting to convert to JSON.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
Remove a property or an element from a list. Example: --remove property.list <indexToRemove>
OR --remove propertyToRemove
.
Name of resource group. You can configure the default group using az configure --defaults group=<name>
.
Update an object by specifying a property path and value to set. Example: --set property1.property2=<value>
.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
The tags of the resource. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID
.
Increase logging verbosity. Use --debug for full debug logs.
Azure CLI