命名空间:microsoft.graph.healthMonitoring
重要
Microsoft Graph /beta 版本下的 API 可能会发生更改。 不支持在生产应用程序中使用这些 API。 若要确定 API 是否在 v1.0 中可用,请使用 版本 选择器。
读取Microsoft Entra运行状况监视警报对象的属性和关系。 返回的警报对象包含有关租户内触发的每个警报的状态、类型、日期和影响的信息。
此 API 可用于以下国家级云部署。
| 全局服务 |
美国政府 L4 |
美国政府 L5 (DOD) |
由世纪互联运营的中国 |
| ✅ |
❌ |
❌ |
❌ |
权限
为此 API 选择标记为最低特权的权限。
只有在应用需要它时,才使用更高的特权权限。 有关委派权限和应用程序权限的详细信息,请参阅权限类型。 要了解有关这些权限的详细信息,请参阅 权限参考。
| 权限类型 |
最低特权权限 |
更高特权权限 |
| 委派(工作或学校帐户) |
HealthMonitoringAlert.Read.All |
HealthMonitoringAlert.ReadWrite.All |
| 委派(个人 Microsoft 帐户) |
不支持。 |
不支持。 |
| 应用程序 |
HealthMonitoringAlert.Read.All |
HealthMonitoringAlert.ReadWrite.All |
重要
除了委派的权限外,已登录用户还需要属于允许他们查看警报的Microsoft Entra角色。 此作支持以下最低特权角色。
- 全局读取者
- 安全管理员
- 安全操作员
- 安全信息读取者
- 帮助台管理员
- 报告读取者
HTTP 请求
GET /reports/healthMonitoring/alerts/{alertId}
可选的查询参数
此方法支持使用 $select 和 $expandOData 查询参数,以帮助自定义响应。
如果未添加任何 $expand 查询参数,则默认情况下,此 API 不会返回 resourceSampling 属性。 如果要检索触发根本原因调查警报所涉及的资源示例,可以添加 $expand=enrichment/impacts/microsoft.graph.healthmonitoring.directoryobjectimpactsummary/resourceSampling 以在 directoryObjectImpactSummary 中查看resourceSampling。
请求正文
请勿提供此方法的请求正文。
响应
如果成功,此方法在 200 OK 响应正文中返回响应代码和 microsoft.graph.healthMonitoring.alert 对象。
示例
示例 1:获取指定警报的属性
请求
以下示例显示了一个请求。
GET https://graph.microsoft.com/beta/reports/healthMonitoring/alerts/{id}
// Code snippets are only available for the latest version. Current version is 5.x
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.Reports.HealthMonitoring.Alerts["{alert-id}"].GetAsync();
mgc-beta reports health-monitoring alerts get --alert-id {alert-id}
// Code snippets are only available for the latest major version. Current major version is $v0.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
//other-imports
)
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
alerts, err := graphClient.Reports().HealthMonitoring().Alerts().ByAlertId("alert-id").Get(context.Background(), nil)
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
com.microsoft.graph.models.healthmonitoring.Alert result = graphClient.reports().healthMonitoring().alerts().byAlertId("{alert-id}").get();
const options = {
authProvider,
};
const client = Client.init(options);
let alert = await client.api('/reports/healthMonitoring/alerts/{id}')
.version('beta')
.get();
<?php
use Microsoft\Graph\Beta\GraphServiceClient;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$result = $graphServiceClient->reports()->healthMonitoring()->alerts()->byAlertId('alert-id')->get()->wait();
Import-Module Microsoft.Graph.Beta.Reports
Get-MgBetaReportHealthMonitoringAlert -AlertId $alertId
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph_beta import GraphServiceClient
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
result = await graph_client.reports.health_monitoring.alerts.by_alert_id('alert-id').get()
响应
以下示例显示了相应的响应。
注意:为了提高可读性,可能缩短了此处显示的响应对象。
HTTP/1.1 200 OK
Content-Type: application/json
{
"@odata.context": "https://graph.microsoft.com/beta/$metadata#reports/healthMonitoring/alerts/$entity",
"id": "0c56dfcb-13db-4128-bda2-fc3e42742467",
"alertType": "mfaSignInFailure",
"scenario": "mfa",
"category": "authentication",
"createdDateTime": "2024-06-19T11:23:44.1234567Z",
"state": "active",
"enrichment": {
"state": "enriched",
"impacts": [
{
"@odata.type": "#microsoft.graph.healthMonitoring.userImpactSummary",
"resourceType": "user",
"impactedCount": 143,
"impactedCountLimitExceeded": false
},
{
"@odata.type": "#microsoft.graph.healthMonitoring.applicationImpactSummary",
"resourceType": "application",
"impactedCount": 1,
"impactedCountLimitExceeded": true
}
],
"supportingData": {
"signIns": "https://graph.microsoft.com/beta/auditLogs/signIns?$filter=((status/errorCode eq 500121) and createdDateTime gt 2024-06-08T11:23:44.1234567Z and createdDateTime le 2024-06-19T11:23:44.1234567Z and (signInEventTypes/any(t:t eq 'interactiveUser' or t eq 'noninteractiveUser')))",
"audits": "https://graph.microsoft.com/beta/auditLogs/directoryaudits?$filter=(activityDateTime ge 2024-06-08T11:23:44.1234567Z and activityDateTime le 2024-06-19T11:23:44.1234567Z)&$top=50&$orderby=activityDateTime desc"
}
},
"signals": {
"mfaSignInFailure": "https://graph.microsoft.com/beta/reports/serviceActivity/getMetricsForMfaSignInFailure(inclusiveIntervalStartDateTime=2024-06-08T11:23:44.1234567Z, exclusiveIntervalEndDateTime=2024-06-19T11:23:44.1234567Z, aggregationIntervalInMinutes=5)"
},
"documentation": {
"troubleshootingGuide": "https://go.microsoft.com/fwlink/?linkid=2280158"
}
}
示例 2:使用$select检索警报的特定属性
请求
以下示例显示了一个请求。
GET https://graph.microsoft.com/beta/reports/healthMonitoring/alerts/{id}?$select=alertType, state, createdDateTime, signals
// Code snippets are only available for the latest version. Current version is 5.x
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.Reports.HealthMonitoring.Alerts["{alert-id}"].GetAsync((requestConfiguration) =>
{
requestConfiguration.QueryParameters.Select = new string []{ "alertType"," state"," createdDateTime"," signals" };
});
mgc-beta reports health-monitoring alerts get --alert-id {alert-id} --select "alertType, state, createdDateTime, signals"
// Code snippets are only available for the latest major version. Current major version is $v0.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
graphreports "github.com/microsoftgraph/msgraph-beta-sdk-go/reports"
//other-imports
)
requestParameters := &graphreports.HealthMonitoringAlertsItemRequestBuilderGetQueryParameters{
Select: [] string {"alertType"," state"," createdDateTime"," signals"},
}
configuration := &graphreports.HealthMonitoringAlertsItemRequestBuilderGetRequestConfiguration{
QueryParameters: requestParameters,
}
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
alerts, err := graphClient.Reports().HealthMonitoring().Alerts().ByAlertId("alert-id").Get(context.Background(), configuration)
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
com.microsoft.graph.models.healthmonitoring.Alert result = graphClient.reports().healthMonitoring().alerts().byAlertId("{alert-id}").get(requestConfiguration -> {
requestConfiguration.queryParameters.select = new String []{"alertType", " state", " createdDateTime", " signals"};
});
const options = {
authProvider,
};
const client = Client.init(options);
let alert = await client.api('/reports/healthMonitoring/alerts/{id}')
.version('beta')
.select('alertType,state,createdDateTime,signals')
.get();
<?php
use Microsoft\Graph\Beta\GraphServiceClient;
use Microsoft\Graph\Beta\Generated\Reports\HealthMonitoring\Alerts\Item\AlertItemRequestBuilderGetRequestConfiguration;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestConfiguration = new AlertItemRequestBuilderGetRequestConfiguration();
$queryParameters = AlertItemRequestBuilderGetRequestConfiguration::createQueryParameters();
$queryParameters->select = ["alertType"," state"," createdDateTime"," signals"];
$requestConfiguration->queryParameters = $queryParameters;
$result = $graphServiceClient->reports()->healthMonitoring()->alerts()->byAlertId('alert-id')->get($requestConfiguration)->wait();
Import-Module Microsoft.Graph.Beta.Reports
Get-MgBetaReportHealthMonitoringAlert -AlertId $alertId -Property "alertType, state, createdDateTime, signals"
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph_beta import GraphServiceClient
from msgraph_beta.generated.reports.health_monitoring.alerts.item.alert_item_request_builder import AlertItemRequestBuilder
from kiota_abstractions.base_request_configuration import RequestConfiguration
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
query_params = AlertItemRequestBuilder.AlertItemRequestBuilderGetQueryParameters(
select = ["alertType"," state"," createdDateTime"," signals"],
)
request_configuration = RequestConfiguration(
query_parameters = query_params,
)
result = await graph_client.reports.health_monitoring.alerts.by_alert_id('alert-id').get(request_configuration = request_configuration)
响应
以下示例显示了相应的响应。
注意:为了提高可读性,可能缩短了此处显示的响应对象。
HTTP/1.1 200 OK
Content-Type: application/json
{
"@odata.context": "https://graph.microsoft.com/beta/$metadata#reports/healthMonitoring/alerts(alertType,state,createdDateTime,signals)/$entity",
"alertType": "mfaSignInFailure",
"createdDateTime": "2024-06-19T11:23:44.1234567Z",
"state": "active",
"signals": {
"mfaSignInFailure": "https://graph.microsoft.com/beta/reports/serviceActivity/getMetricsForMfaSignInFailure(inclusiveIntervalStartDateTime=2024-06-08T11:23:44.1234567Z, exclusiveIntervalEndDateTime=2024-06-19T11:23:44.1234567Z, aggregationIntervalInMinutes=5)"
}
}
示例 3:使用 $expand 显示警报的资源采样
请求
以下示例显示了一个请求。
GET https://graph.microsoft.com/beta/reports/healthMonitoring/alerts/{id}?$expand=enrichment/impacts/microsoft.graph.healthmonitoring.directoryobjectimpactsummary/resourceSampling&$select=alertType, createdDateTime, enrichment'
// Code snippets are only available for the latest version. Current version is 5.x
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.Reports.HealthMonitoring.Alerts["{alert-id}"].GetAsync((requestConfiguration) =>
{
requestConfiguration.QueryParameters.Expand = new string []{ "enrichment/impacts/microsoft.graph.healthmonitoring.directoryobjectimpactsummary/resourceSampling" };
requestConfiguration.QueryParameters.Select = new string []{ "alertType"," createdDateTime"," enrichment'" };
});
mgc-beta reports health-monitoring alerts get --alert-id {alert-id} --select "alertType, createdDateTime, enrichment'" --expand "enrichment/impacts/microsoft.graph.healthmonitoring.directoryobjectimpactsummary/resourceSampling"
// Code snippets are only available for the latest major version. Current major version is $v0.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
graphreports "github.com/microsoftgraph/msgraph-beta-sdk-go/reports"
//other-imports
)
requestParameters := &graphreports.HealthMonitoringAlertsItemRequestBuilderGetQueryParameters{
Expand: [] string {"enrichment/impacts/microsoft.graph.healthmonitoring.directoryobjectimpactsummary/resourceSampling"},
Select: [] string {"alertType"," createdDateTime"," enrichment'"},
}
configuration := &graphreports.HealthMonitoringAlertsItemRequestBuilderGetRequestConfiguration{
QueryParameters: requestParameters,
}
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
alerts, err := graphClient.Reports().HealthMonitoring().Alerts().ByAlertId("alert-id").Get(context.Background(), configuration)
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
com.microsoft.graph.models.healthmonitoring.Alert result = graphClient.reports().healthMonitoring().alerts().byAlertId("{alert-id}").get(requestConfiguration -> {
requestConfiguration.queryParameters.expand = new String []{"enrichment/impacts/microsoft.graph.healthmonitoring.directoryobjectimpactsummary/resourceSampling"};
requestConfiguration.queryParameters.select = new String []{"alertType", " createdDateTime", " enrichment'"};
});
<?php
use Microsoft\Graph\Beta\GraphServiceClient;
use Microsoft\Graph\Beta\Generated\Reports\HealthMonitoring\Alerts\Item\AlertItemRequestBuilderGetRequestConfiguration;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestConfiguration = new AlertItemRequestBuilderGetRequestConfiguration();
$queryParameters = AlertItemRequestBuilderGetRequestConfiguration::createQueryParameters();
$queryParameters->expand = ["enrichment/impacts/microsoft.graph.healthmonitoring.directoryobjectimpactsummary/resourceSampling"];
$queryParameters->select = ["alertType"," createdDateTime"," enrichment'"];
$requestConfiguration->queryParameters = $queryParameters;
$result = $graphServiceClient->reports()->healthMonitoring()->alerts()->byAlertId('alert-id')->get($requestConfiguration)->wait();
Import-Module Microsoft.Graph.Beta.Reports
Get-MgBetaReportHealthMonitoringAlert -AlertId $alertId -ExpandProperty "enrichment/impacts/microsoft.graph.healthmonitoring.directoryobjectimpactsummary/resourceSampling" -Property "alertType, createdDateTime, enrichment'"
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph_beta import GraphServiceClient
from msgraph_beta.generated.reports.health_monitoring.alerts.item.alert_item_request_builder import AlertItemRequestBuilder
from kiota_abstractions.base_request_configuration import RequestConfiguration
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
query_params = AlertItemRequestBuilder.AlertItemRequestBuilderGetQueryParameters(
expand = ["enrichment/impacts/microsoft.graph.healthmonitoring.directoryobjectimpactsummary/resourceSampling"],
select = ["alertType"," createdDateTime"," enrichment'"],
)
request_configuration = RequestConfiguration(
query_parameters = query_params,
)
result = await graph_client.reports.health_monitoring.alerts.by_alert_id('alert-id').get(request_configuration = request_configuration)
响应
以下示例显示了相应的响应。
注意:为了提高可读性,可能缩短了此处显示的响应对象。
HTTP/1.1 200 OK
Content-Type: application/json
{
"@odata.context": "https://graph.microsoft.com/beta/$metadata#reports/healthMonitoring/alerts/$entity",
"alertType": "mfaSignInFailure",
"createdDateTime": "2024-06-19T11:23:44.1234567Z",
"enrichment": {
"state": "enriched",
"impacts": [
{
"@odata.type": "#microsoft.graph.healthMonitoring.userImpactSummary",
"resourceType": "user",
"impactedCount": 143,
"impactedCountLimitExceeded": false,
"resourceSampling": []
},
{
"@odata.type": "#microsoft.graph.healthMonitoring.applicationImpactSummary",
"resourceType": "application",
"impactedCount": 1,
"impactedCountLimitExceeded": true,
"resourceSampling": [
{
"id": "63c83fa4-d90c-4274-8460-5463e96f1113"
}
]
}
],
"supportingData": {
"signIns": "https://graph.microsoft.com/beta/auditLogs/signIns?$filter=((status/errorCode eq 500121) and createdDateTime gt 2024-06-08T11:23:44.1234567Z and createdDateTime le 2024-06-19T11:23:44.1234567Z and (signInEventTypes/any(t:t eq 'interactiveUser' or t eq 'noninteractiveUser')))",
"audits": "https://graph.microsoft.com/beta/auditLogs/directoryaudits?$filter=(activityDateTime ge 2024-06-08T11:23:44.1234567Z and activityDateTime le 2024-06-19T11:23:44.1234567Z)&$top=50&$orderby=activityDateTime desc"
}
}
}
注意:目前 resourceSampling 仅包含 id 资源。 将来,它还能够显示资源的其他属性。