New-CmAzMonitorActivityLogAlerts

Defines and deploys activity log alerts for resources or resource groups and links them to action groups.

Deploys activity log alert rules at subscription, resource group or resource scope; each rule is linked to the specified action groups.

This command forms part of the Monitor Building Block.

Parameters

-SettingsFile

Required. (String) File path for the settings file to be converted into a settings object.

-SettingsObject

Required. (Object) Object containing the configuration values required to run this cmdlet.

-WhatIf

(Switch) Run the command without executing any actions, so that no changes are made. The command will output a description of actions to be performed against the affected resources in the console window. Use this option if you are unsure of the overall impact of your command and wish to review it before committing to making changes.

-Confirm

(Switch) Run the command without executing any actions, so that no changes are made. The command will output a description of actions to be performed against the affected resources in the console window. Use this option if you are unsure of the overall impact of your command and wish to review it before committing to making changes.

Usage

Example 1

New-CmAzMonitorActivityLogAlerts -SettingsFile "c:\directory\settingsFile.yml" -Confirm:$false

Example 2

New-CmAzMonitorActivityLogAlerts -SettingsObject $settings

Settings

Beta documentation
The following schema documentation is automatically generated as part of a recent roadmap task. There may be inaccuracies or incomplete information while we flush out bugs; please refer to the packed project settings examples where necessary.

Settings Root.

Component

component [string | null] Mandatory

Value to determine what cmdlet should be dynamically loaded for these settings.

location

location [string | null]

Deployment location, which is also used for the dedicated resource group if one has to be created.

Service

service [object]

Contains dependency and publish details for service location.

Dependencies

dependencies [object]

Contains dependency details for service location.

Action Groups

actionGroups [array | null]

Global default dependency value to fetch existing resource type.

ResourceGroup

resourceGroup [string | null]

Dependency value to fetch existing resource type.

Publish

publish [object | null]

Contains publish details for service location.

Activity Log Alert

activityLogAlert [string | null]

Global default value to publish on deployed resource type.

ResourceGroup

resourceGroup [string | null]

Global default value to publish on deployed resource type.

Groups

groups [array] Mandatory

Contains all details pertaining to logical groupings of alert sets.

Name

name [string]

The name of the grouping.

Alert Sets

alertSets [array]

Contains all alert set details for a specific grouping.

Name

name []

Becomes part of activity log alert rule generated name.

Alerts

alerts [array]

Contains all details of the activity log alert rules to be deployed.

Name

name []

Becomes part of activity log alert rule generated name.

Description

description [string | null]

Description of the activity log alert rule.

Conditions

conditions [array]

Contains activity log rule conditions.

Activity Log Field

field []

Activity log alert namespace field.

Equals

equals []

The value of the event's field will be compared to this value.

containsAny

containsAny [array | null]

The value of the event's field will be compared to the values in this array.

anyOf

anyOf [array | null]

An Activity Log Alert rule condition that is met when at least one of its member leaf conditions is met.

Enabled

enabled [boolean | null]

If the alert rule is enabled or not.

Default: true

Severity

severity [string | null]

The severity level of the alert to trigger.

Valid values: "Critical", "Error", "Warning", "Informational", "Verbose"

Service

service [object]

Contains dependency and publish details for service location.

Dependencies

dependencies [object]

Contains dependency details for service location.

Action Groups

actionGroups [array | null]

Local overriding dependency value to fetch existing resource type.

TargetResources

targetResources [array | null]

Service tag value used to fetch the existing resources to which the activity log alert rule is applied.

TargetResourceGroups

targetResourceGroups [array | null]

Service tag value used to fetch the existing resource groups to which the activity log alert rule is applied.

TargetSubscriptionId

targetSubscriptionId [string | null]

Target subscription Id.

Publish

publish [object | null]

Contains publish details for service location.

Activity Log Alert

activityLogAlert [string | null]

Local overriding value to publish on deployed existing resource type.

Examples

The following example files are automatically generated from the settings file schema definition to show how the specification can be used in practice. Cloudmarque can accept both JSON and YAML parameter files.

{
  "component": "string",
  "location": "string",
  "service": {
    "dependencies": {
      "actionGroups": [

      ],
      "resourceGroup": "string"
    },
    "publish": {
      "activityLogAlert": "string",
      "resourceGroup": "string"
    }
  },
  "groups": [
    {
      "name": "string",
      "alertSets": [
        {
          "name": "unknown",
          "alerts": [
            {
              "name": "unknown",
              "description": "string",
              "conditions": [
                {
                  "field": "unknown",
                  "equals": "unknown",
                  "containsAny": [

                  ],
                  "anyOf": [

                  ]
                }
              ],
              "enabled": true,
              "severity": "Critical",
              "service": {
                "dependencies": {
                  "actionGroups": [

                  ],
                  "targetResources": [

                  ],
                  "targetResourceGroups": [

                  ],
                  "targetSubscriptionId": "string"
                },
                "publish": {
                  "activityLogAlert": "string"
                }
              }
            }
          ]
        }
      ]
    }
  ]
}

component: "string"    # Mandatory
location: "string"    # Optional
service:     # Optional
  dependencies:     # Optional
    actionGroups: []    # Optional
    resourceGroup: "string"    # Optional
  publish:     # Optional
    activityLogAlert: "string"    # Optional
    resourceGroup: "string"    # Optional
groups:     # Mandatory
  - name: "string"    # Mandatory
    alertSets:     # Mandatory
      - name: "unknown"    # Optional
        alerts:     # Mandatory
          - name: "unknown"    # Optional
            description: "string"    # Optional
            conditions:     # Optional
              - field: "unknown"    # Mandatory
                equals: "unknown"    # Optional
                containsAny: []    # Optional
                anyOf: []    # Optional
            enabled: true    # Optional
            severity: "Critical"    # Optional
            service:     # Optional
              dependencies:     # Optional
                actionGroups: []    # Optional
                targetResources: []    # Optional
                targetResourceGroups: []    # Optional
                targetSubscriptionId: "string"    # Optional
              publish:     # Optional
                activityLogAlert: "string"    # Optional
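
A pre-deployment check for the settings schema documented above, as an added example (not part of the Cloudmarque project): it flags missing mandatory keys, severities outside the valid values, non-boolean enabled flags, conditions without a field, and alerts with no action group at either the global or the local level. The sample document is constructed; the component and action group values are placeholders, and the condition fields and operation names are assumed Azure activity log values that this page does not list.

```powershell
# Added example: lint a settings document against the schema on this page.
# Constructed sample; "<...>" values are placeholders, not real project values.
$json = @'
{
  "component": "<component-name>",
  "service": { "dependencies": { "actionGroups": [] } },
  "groups": [ { "name": "security", "alertSets": [ { "name": "iam", "alerts": [
    { "name": "role-assignment-write", "severity": "Critical", "enabled": true,
      "service": { "dependencies": { "actionGroups": ["<action-group-tag>"] } },
      "conditions": [
        { "field": "category", "equals": "Administrative" },
        { "field": "operationName", "equals": "Microsoft.Authorization/roleAssignments/write" } ] },
    { "name": "nsg-rule-change", "severity": "High", "enabled": "true",
      "conditions": [ { "equals": "Microsoft.Network/networkSecurityGroups/securityRules/write" } ] }
  ] } ] } ]
}
'@

function Test-ActivityLogAlertSettings {
    param([Parameter(Mandatory)] $Settings)
    $validSeverity = 'Critical', 'Error', 'Warning', 'Informational', 'Verbose'
    $findings = [System.Collections.Generic.List[string]]::new()
    if (-not $Settings.component) { $findings.Add('component is mandatory') }
    if (-not $Settings.groups)    { $findings.Add('groups is mandatory') }
    # Global default action groups; Where-Object drops nulls from absent keys.
    $global = @($Settings.service.dependencies.actionGroups | Where-Object { $_ })
    foreach ($group in $Settings.groups) {
        foreach ($set in $group.alertSets) {
            foreach ($alert in $set.alerts) {
                $id = "$($group.name)/$($set.name)/$($alert.name)"
                if ($alert.severity -and $alert.severity -notin $validSeverity) {
                    $findings.Add("${id}: severity '$($alert.severity)' is not a valid value")
                }
                if ($null -ne $alert.enabled -and $alert.enabled -isnot [bool]) {
                    $findings.Add("${id}: enabled must be a boolean")
                }
                foreach ($c in $alert.conditions) {
                    if (-not $c.field) { $findings.Add("${id}: condition has no 'field'") }
                }
                # Local action groups override the global default for this alert.
                $local = @($alert.service.dependencies.actionGroups | Where-Object { $_ })
                if (($global.Count + $local.Count) -eq 0) {
                    $findings.Add("${id}: no action group set, the alert would notify nobody")
                }
            }
        }
    }
    $findings
}

Test-ActivityLogAlertSettings -Settings ($json | ConvertFrom-Json)
```

Run it on the parsed settings before calling New-CmAzMonitorActivityLogAlerts with -WhatIf; an empty result means none of these checks failed.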