az monitor activity-log alert

Manage activity log alerts.

Commands

az monitor activity-log alert action-group

Manage action groups for activity log alerts.

az monitor activity-log alert action-group add

Add action groups to this activity log alert. It can also be used to overwrite existing webhook properties of particular action groups.

az monitor activity-log alert action-group remove

Remove action groups from this activity log alert.

az monitor activity-log alert create

Create a default activity log alert.

az monitor activity-log alert delete

Delete an activity log alert.

az monitor activity-log alert list

List activity log alerts under a resource group or the current subscription.

az monitor activity-log alert scope

Manage scopes for activity log alerts.

az monitor activity-log alert scope add

Add scopes to this activity log alert.

az monitor activity-log alert scope remove

Removes scopes from this activity log alert.

az monitor activity-log alert show

Get an activity log alert.

az monitor activity-log alert update

Update the details of this activity log alert.

az monitor activity-log alert create

Create a default activity log alert.

This command will create a default activity log with one condition which compares if the activities logs 'category' field equals to 'ServiceHealth'. The newly created activity log alert does not have any action groups attached to it.

az monitor activity-log alert create --name
                                     --resource-group
                                     [--action-group]
                                     [--condition]
                                     [--description]
                                     [--disable]
                                     [--scope]
                                     [--subscription]
                                     [--tags]
                                     [--webhook-properties]

Examples

Create an alert with default settings.

az monitor activity-log alert create -n {AlertName} -g {ResourceGroup}

Create an alert with condition about error level service health log.

az monitor activity-log alert create -n {AlertName} -g {ResourceGroup} \
  --condition category=ServiceHealth and level=Error

Create an alert with an action group and specify webhook properties.

az monitor activity-log alert create -n {AlertName} -g {ResourceGroup} \
  -a /subscriptions/{SubID}/resourceGroups/{ResourceGroup}/providers/microsoft.insights/actionGroups/{ActionGroup} \
  -w usage=test owner=jane

Create an alert which is initially disabled.

az monitor activity-log alert create -n {AlertName} -g {ResourceGroup} --disable

Required Parameters

--name -n

Name of the activity log alerts.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--action-group -a

Add an action group. Accepts space-separated action group identifiers. The identifier can be the action group's name or its resource ID.

--condition -c

The condition that will cause the alert to activate. The format is FIELD=VALUE[ and FIELD=VALUE...].

--description

A description of this activity log alert.

--disable

Disable the activity log alert after it is created.

--scope -s

A list of strings that will be used as prefixes.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--tags

Space-separated tags: key[=value] [key[=value] ...]. Use "" to clear existing tags.

--webhook-properties -w

Space-separated webhook properties in 'key[=value]' format. These properties are associated with the action groups added in this command.

az monitor activity-log alert delete

Delete an activity log alert.

az monitor activity-log alert delete [--ids]
                                     [--name]
                                     [--resource-group]
                                     [--subscription]

Optional Parameters

--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

--name -n

The name of the activity log alert.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

az monitor activity-log alert list

List activity log alerts under a resource group or the current subscription.

az monitor activity-log alert list [--query-examples]
                                   [--resource-group]
                                   [--subscription]

Optional Parameters

--query-examples

Recommend JMESPath string for you. You can copy one of the query and paste it after --query parameter within double quotation marks to see the results. You can add one or more positional keywords so that we can give suggestions based on these key words.

--resource-group -g

Name of the resource group under which the activity log alerts are being listed. If it is omitted, all the activity log alerts under the current subscription are listed.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

az monitor activity-log alert show

Get an activity log alert.

az monitor activity-log alert show [--ids]
                                   [--name]
                                   [--query-examples]
                                   [--resource-group]
                                   [--subscription]

Optional Parameters

--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

--name -n

The name of the activity log alert.

--query-examples

Recommend JMESPath string for you. You can copy one of the query and paste it after --query parameter within double quotation marks to see the results. You can add one or more positional keywords so that we can give suggestions based on these key words.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

az monitor activity-log alert update

Update the details of this activity log alert.

az monitor activity-log alert update [--add]
                                     [--condition]
                                     [--description]
                                     [--enabled {false, true}]
                                     [--force-string]
                                     [--ids]
                                     [--name]
                                     [--remove]
                                     [--resource-group]
                                     [--set]
                                     [--subscription]
                                     [--tags]

Examples

Update the condition

az monitor activity-log alert update -n {AlertName} -g {ResourceGroup} \
  --condition category=ServiceHealth and level=Error

Disable an alert

az monitor activity-log alert update -n {AlertName} -g {ResourceGroup} --enable false

Update the details of this activity log alert (autogenerated)

az monitor activity-log alert update --enabled true --name MyActivityLogAlerts --resource-group MyResourceGroup --subscription MySubscription

Optional Parameters

--add

Add an object to a list of objects by specifying a path and key value pairs. Example: --add property.listProperty <key=value, string or JSON string>.

--condition -c

The conditional expression that will cause the alert to activate. The format is FIELD=VALUE[ and FIELD=VALUE...].

--description

A description of this activity log alert.

--enabled
accepted values: false, true
--force-string

When using 'set' or 'add', preserve string literals instead of attempting to convert to JSON.

--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

--name -n

The name of the activity log alert.

--remove

Remove a property or an element from a list. Example: --remove property.list OR --remove propertyToRemove.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--set

Update an object by specifying a property path and value to set. Example: --set property1.property2=.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--tags

Space-separated tags: key[=value] [key[=value] ...]. Use "" to clear existing tags.