Microsoft.Insights activityLogAlerts
Bicep resource definition
The activityLogAlerts resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Remarks
For guidance on deploying monitoring solutions, see Create monitoring resources by using Bicep.
Resource format
To create a Microsoft.Insights/activityLogAlerts resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.Insights/activityLogAlerts@2023-01-01-preview' = {
name: 'string'
location: 'string'
tags: {
tagName1: 'tagValue1'
tagName2: 'tagValue2'
}
properties: {
actions: {
actionGroups: [
{
actionGroupId: 'string'
actionProperties: {
{customized property}: 'string'
}
webhookProperties: {
{customized property}: 'string'
}
}
]
}
condition: {
allOf: [
{
anyOf: [
{
containsAny: [
'string'
]
equals: 'string'
field: 'string'
}
]
containsAny: [
'string'
]
equals: 'string'
field: 'string'
}
]
}
description: 'string'
enabled: bool
scopes: [
'string'
]
tenantScope: 'string'
}
}
Property values
activityLogAlerts
| Name | Description | Value |
|---|---|---|
| name | The resource name | string (required) Character limit: 1-260 Valid characters: Can't use: <>*%{}&:\\?+/#| or control characters Can't end with space or period. |
| location | The location of the resource. Azure Activity Log Alert rules are supported on Global, West Europe and North Europe regions. | string |
| tags | The tags of the resource. | Dictionary of tag names and values. See Tags in templates |
| properties | The Activity Log Alert rule properties of the resource. | AlertRuleProperties |
AlertRuleProperties
| Name | Description | Value |
|---|---|---|
| actions | The actions that will activate when the condition is met. | ActionList (required) |
| condition | The condition that will cause this alert to activate. | AlertRuleAllOfCondition (required) |
| description | A description of this Activity Log Alert rule. | string |
| enabled | Indicates whether this Activity Log Alert rule is enabled. If an Activity Log Alert rule is not enabled, then none of its actions will be activated. | bool |
| scopes | A list of resource IDs that will be used as prefixes. The alert will only apply to Activity Log events with resource IDs that fall under one of these prefixes. This list must include at least one item. | string[] |
| tenantScope | The tenant GUID. Must be provided for tenant-level and management group events rules. | string |
ActionList
| Name | Description | Value |
|---|---|---|
| actionGroups | The list of the Action Groups. | ActionGroup[] |
ActionGroup
| Name | Description | Value |
|---|---|---|
| actionGroupId | The resource ID of the Action Group. This cannot be null or empty. | string (required) |
| actionProperties | Predefined list of properties and configuration items for the action group. | ActionGroupActionProperties |
| webhookProperties | the dictionary of custom properties to include with the post operation. These data are appended to the webhook payload. | ActionGroupWebhookProperties |
ActionGroupActionProperties
| Name | Description | Value |
|---|---|---|
| {customized property} | string |
ActionGroupWebhookProperties
| Name | Description | Value |
|---|---|---|
| {customized property} | string |
AlertRuleAllOfCondition
| Name | Description | Value |
|---|---|---|
| allOf | The list of Activity Log Alert rule conditions. | AlertRuleAnyOfOrLeafCondition[] (required) |
AlertRuleAnyOfOrLeafCondition
| Name | Description | Value |
|---|---|---|
| anyOf | An Activity Log Alert rule condition that is met when at least one of its member leaf conditions are met. | AlertRuleLeafCondition[] |
| containsAny | The value of the event's field will be compared to the values in this array (case-insensitive) to determine if the condition is met. | string[] |
| equals | The value of the event's field will be compared to this value (case-insensitive) to determine if the condition is met. | string |
| field | The name of the Activity Log event's field that this condition will examine. The possible values for this field are (case-insensitive): 'resourceId', 'category', 'caller', 'level', 'operationName', 'resourceGroup', 'resourceProvider', 'status', 'subStatus', 'resourceType', or anything beginning with 'properties'. |
string |
AlertRuleLeafCondition
| Name | Description | Value |
|---|---|---|
| containsAny | The value of the event's field will be compared to the values in this array (case-insensitive) to determine if the condition is met. | string[] |
| equals | The value of the event's field will be compared to this value (case-insensitive) to determine if the condition is met. | string |
| field | The name of the Activity Log event's field that this condition will examine. The possible values for this field are (case-insensitive): 'resourceId', 'category', 'caller', 'level', 'operationName', 'resourceGroup', 'resourceProvider', 'status', 'subStatus', 'resourceType', or anything beginning with 'properties'. |
string |
Quickstart templates
The following quickstart templates deploy this resource type.
| Template | Description |
|---|---|
Alert for misconfigured Key Vault on Application Gateway |
Use such templates to easily create some important event alerts for your Azure Application Gateway. |
| AKS Cluster with a NAT Gateway and an Application Gateway |
This sample shows how to a deploy an AKS cluster with NAT Gateway for outbound connections and an Application Gateway for inbound connections. |
| Deploy an Autoscale Activity Log Alert |
This template allows you to deploy a simple alert which uses an action group to send email notifications for any Autoscale records in the Azure Activity Log |
| Deploy an Autoscale Failed Activity Log Alert |
This template allows you to deploy a simple alert which uses an action group to send email notifications for any failed Autoscale records in the Azure Activity Log |
| Deploy a Service Health Alert |
This template allows you to deploy a simple alert which uses an action group to send email notifications for any Service Health records in the Azure Activity Log |
| Create a Private AKS Cluster with a Public DNS Zone |
This sample shows how to a deploy a private AKS cluster with a Public DNS Zone. |
| Creates an Azure service alert |
This template creates an Azure service health alert that optionally sends emails to service administrators and specified email addresses in the event of cerain Azure service outages. |
| AKS cluster with the Application Gateway Ingress Controller |
This sample shows how to deploy an AKS cluster with Application Gateway, Application Gateway Ingress Controller, Azure Container Registry, Log Analytics and Key Vault |
ARM template resource definition
The activityLogAlerts resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Remarks
For guidance on deploying monitoring solutions, see Create monitoring resources by using Bicep.
Resource format
To create a Microsoft.Insights/activityLogAlerts resource, add the following JSON to your template.
{
"type": "Microsoft.Insights/activityLogAlerts",
"apiVersion": "2023-01-01-preview",
"name": "string",
"location": "string",
"tags": {
"tagName1": "tagValue1",
"tagName2": "tagValue2"
},
"properties": {
"actions": {
"actionGroups": [
{
"actionGroupId": "string",
"actionProperties": {
"{customized property}": "string"
},
"webhookProperties": {
"{customized property}": "string"
}
}
]
},
"condition": {
"allOf": [
{
"anyOf": [
{
"containsAny": [ "string" ],
"equals": "string",
"field": "string"
}
],
"containsAny": [ "string" ],
"equals": "string",
"field": "string"
}
]
},
"description": "string",
"enabled": "bool",
"scopes": [ "string" ],
"tenantScope": "string"
}
}
Property values
activityLogAlerts
| Name | Description | Value |
|---|---|---|
| type | The resource type | 'Microsoft.Insights/activityLogAlerts' |
| apiVersion | The resource api version | '2023-01-01-preview' |
| name | The resource name | string (required) Character limit: 1-260 Valid characters: Can't use: <>*%{}&:\\?+/#| or control characters Can't end with space or period. |
| location | The location of the resource. Azure Activity Log Alert rules are supported on Global, West Europe and North Europe regions. | string |
| tags | The tags of the resource. | Dictionary of tag names and values. See Tags in templates |
| properties | The Activity Log Alert rule properties of the resource. | AlertRuleProperties |
AlertRuleProperties
| Name | Description | Value |
|---|---|---|
| actions | The actions that will activate when the condition is met. | ActionList (required) |
| condition | The condition that will cause this alert to activate. | AlertRuleAllOfCondition (required) |
| description | A description of this Activity Log Alert rule. | string |
| enabled | Indicates whether this Activity Log Alert rule is enabled. If an Activity Log Alert rule is not enabled, then none of its actions will be activated. | bool |
| scopes | A list of resource IDs that will be used as prefixes. The alert will only apply to Activity Log events with resource IDs that fall under one of these prefixes. This list must include at least one item. | string[] |
| tenantScope | The tenant GUID. Must be provided for tenant-level and management group events rules. | string |
ActionList
| Name | Description | Value |
|---|---|---|
| actionGroups | The list of the Action Groups. | ActionGroup[] |
ActionGroup
| Name | Description | Value |
|---|---|---|
| actionGroupId | The resource ID of the Action Group. This cannot be null or empty. | string (required) |
| actionProperties | Predefined list of properties and configuration items for the action group. | ActionGroupActionProperties |
| webhookProperties | the dictionary of custom properties to include with the post operation. These data are appended to the webhook payload. | ActionGroupWebhookProperties |
ActionGroupActionProperties
| Name | Description | Value |
|---|---|---|
| {customized property} | string |
ActionGroupWebhookProperties
| Name | Description | Value |
|---|---|---|
| {customized property} | string |
AlertRuleAllOfCondition
| Name | Description | Value |
|---|---|---|
| allOf | The list of Activity Log Alert rule conditions. | AlertRuleAnyOfOrLeafCondition[] (required) |
AlertRuleAnyOfOrLeafCondition
| Name | Description | Value |
|---|---|---|
| anyOf | An Activity Log Alert rule condition that is met when at least one of its member leaf conditions are met. | AlertRuleLeafCondition[] |
| containsAny | The value of the event's field will be compared to the values in this array (case-insensitive) to determine if the condition is met. | string[] |
| equals | The value of the event's field will be compared to this value (case-insensitive) to determine if the condition is met. | string |
| field | The name of the Activity Log event's field that this condition will examine. The possible values for this field are (case-insensitive): 'resourceId', 'category', 'caller', 'level', 'operationName', 'resourceGroup', 'resourceProvider', 'status', 'subStatus', 'resourceType', or anything beginning with 'properties'. |
string |
AlertRuleLeafCondition
| Name | Description | Value |
|---|---|---|
| containsAny | The value of the event's field will be compared to the values in this array (case-insensitive) to determine if the condition is met. | string[] |
| equals | The value of the event's field will be compared to this value (case-insensitive) to determine if the condition is met. | string |
| field | The name of the Activity Log event's field that this condition will examine. The possible values for this field are (case-insensitive): 'resourceId', 'category', 'caller', 'level', 'operationName', 'resourceGroup', 'resourceProvider', 'status', 'subStatus', 'resourceType', or anything beginning with 'properties'. |
string |
Quickstart templates
The following quickstart templates deploy this resource type.
| Template | Description |
|---|---|
| Alert for misconfigured Key Vault on Application Gateway |
Use such templates to easily create some important event alerts for your Azure Application Gateway. |
| AKS Cluster with a NAT Gateway and an Application Gateway |
This sample shows how to a deploy an AKS cluster with NAT Gateway for outbound connections and an Application Gateway for inbound connections. |
| Deploy an Autoscale Activity Log Alert |
This template allows you to deploy a simple alert which uses an action group to send email notifications for any Autoscale records in the Azure Activity Log |
| Deploy an Autoscale Failed Activity Log Alert |
This template allows you to deploy a simple alert which uses an action group to send email notifications for any failed Autoscale records in the Azure Activity Log |
| Deploy a Service Health Alert |
This template allows you to deploy a simple alert which uses an action group to send email notifications for any Service Health records in the Azure Activity Log |
| Create a Private AKS Cluster with a Public DNS Zone |
This sample shows how to a deploy a private AKS cluster with a Public DNS Zone. |
| Creates an Azure service alert |
This template creates an Azure service health alert that optionally sends emails to service administrators and specified email addresses in the event of cerain Azure service outages. |
| AKS cluster with the Application Gateway Ingress Controller |
This sample shows how to deploy an AKS cluster with Application Gateway, Application Gateway Ingress Controller, Azure Container Registry, Log Analytics and Key Vault |
Terraform (AzAPI provider) resource definition
The activityLogAlerts resource type can be deployed with operations that target:
- Resource groups
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Insights/activityLogAlerts resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.Insights/activityLogAlerts@2023-01-01-preview"
name = "string"
location = "string"
parent_id = "string"
tags = {
tagName1 = "tagValue1"
tagName2 = "tagValue2"
}
body = jsonencode({
properties = {
actions = {
actionGroups = [
{
actionGroupId = "string"
actionProperties = {
{customized property} = "string"
}
webhookProperties = {
{customized property} = "string"
}
}
]
}
condition = {
allOf = [
{
anyOf = [
{
containsAny = [
"string"
]
equals = "string"
field = "string"
}
]
containsAny = [
"string"
]
equals = "string"
field = "string"
}
]
}
description = "string"
enabled = bool
scopes = [
"string"
]
tenantScope = "string"
}
})
}
Property values
activityLogAlerts
| Name | Description | Value |
|---|---|---|
| type | The resource type | "Microsoft.Insights/activityLogAlerts@2023-01-01-preview" |
| name | The resource name | string (required) Character limit: 1-260 Valid characters: Can't use: <>*%{}&:\\?+/#| or control characters Can't end with space or period. |
| location | The location of the resource. Azure Activity Log Alert rules are supported on Global, West Europe and North Europe regions. | string |
| parent_id | To deploy to a resource group, use the ID of that resource group. | string (required) |
| tags | The tags of the resource. | Dictionary of tag names and values. |
| properties | The Activity Log Alert rule properties of the resource. | AlertRuleProperties |
AlertRuleProperties
| Name | Description | Value |
|---|---|---|
| actions | The actions that will activate when the condition is met. | ActionList (required) |
| condition | The condition that will cause this alert to activate. | AlertRuleAllOfCondition (required) |
| description | A description of this Activity Log Alert rule. | string |
| enabled | Indicates whether this Activity Log Alert rule is enabled. If an Activity Log Alert rule is not enabled, then none of its actions will be activated. | bool |
| scopes | A list of resource IDs that will be used as prefixes. The alert will only apply to Activity Log events with resource IDs that fall under one of these prefixes. This list must include at least one item. | string[] |
| tenantScope | The tenant GUID. Must be provided for tenant-level and management group events rules. | string |
ActionList
| Name | Description | Value |
|---|---|---|
| actionGroups | The list of the Action Groups. | ActionGroup[] |
ActionGroup
| Name | Description | Value |
|---|---|---|
| actionGroupId | The resource ID of the Action Group. This cannot be null or empty. | string (required) |
| actionProperties | Predefined list of properties and configuration items for the action group. | ActionGroupActionProperties |
| webhookProperties | the dictionary of custom properties to include with the post operation. These data are appended to the webhook payload. | ActionGroupWebhookProperties |
ActionGroupActionProperties
| Name | Description | Value |
|---|---|---|
| {customized property} | string |
ActionGroupWebhookProperties
| Name | Description | Value |
|---|---|---|
| {customized property} | string |
AlertRuleAllOfCondition
| Name | Description | Value |
|---|---|---|
| allOf | The list of Activity Log Alert rule conditions. | AlertRuleAnyOfOrLeafCondition[] (required) |
AlertRuleAnyOfOrLeafCondition
| Name | Description | Value |
|---|---|---|
| anyOf | An Activity Log Alert rule condition that is met when at least one of its member leaf conditions are met. | AlertRuleLeafCondition[] |
| containsAny | The value of the event's field will be compared to the values in this array (case-insensitive) to determine if the condition is met. | string[] |
| equals | The value of the event's field will be compared to this value (case-insensitive) to determine if the condition is met. | string |
| field | The name of the Activity Log event's field that this condition will examine. The possible values for this field are (case-insensitive): 'resourceId', 'category', 'caller', 'level', 'operationName', 'resourceGroup', 'resourceProvider', 'status', 'subStatus', 'resourceType', or anything beginning with 'properties'. |
string |
AlertRuleLeafCondition
| Name | Description | Value |
|---|---|---|
| containsAny | The value of the event's field will be compared to the values in this array (case-insensitive) to determine if the condition is met. | string[] |
| equals | The value of the event's field will be compared to this value (case-insensitive) to determine if the condition is met. | string |
| field | The name of the Activity Log event's field that this condition will examine. The possible values for this field are (case-insensitive): 'resourceId', 'category', 'caller', 'level', 'operationName', 'resourceGroup', 'resourceProvider', 'status', 'subStatus', 'resourceType', or anything beginning with 'properties'. |
string |