Activity Log Alerts - Get

Get an Activity Log Alert rule.

GET https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Insights/activityLogAlerts/{activityLogAlertName}?api-version=2020-10-01

URI Parameters

Name In Required Type Description
activityLogAlertName
path True

string

The name of the Activity Log Alert rule.

resourceGroupName
path True

string

The name of the resource group. The name is case insensitive.

subscriptionId
path True

string

The ID of the target subscription.

api-version
query True

string

The API version to use for this operation.

Responses

Name Type Description
200 OK

ActivityLogAlertResource

The request succeeded.

Other Status Codes

ErrorResponse

An error occurred and the Activity Log Alert rule could not be retrieved.

Security

azure_auth

Azure Active Directory OAuth2 Flow

Type: oauth2
Flow: implicit
Authorization URL: https://login.microsoftonline.com/common/oauth2/authorize

Scopes

Name Description
user_impersonation impersonate your user account

Examples

Get an Activity Log Alert rule

Sample request

GET https://management.azure.com/subscriptions/187f412d-1758-44d9-b052-169e2564721d/resourceGroups/MyResourceGroup/providers/Microsoft.Insights/activityLogAlerts/SampleActivityLogAlertRule?api-version=2020-10-01

Sample response

{
  "id": "/subscriptions/187f412d-1758-44d9-b052-169e2564721d/resourceGroups/MyResourceGroup/providers/microsoft.insights/activityLogAlerts/SampleActivityLogAlertRule",
  "type": "Microsoft.Insights/ActivityLogAlerts",
  "name": "SampleActivityLogAlertRule",
  "location": "Global",
  "tags": {},
  "properties": {
    "scopes": [
      "subscriptions/187f412d-1758-44d9-b052-169e2564721d"
    ],
    "condition": {
      "allOf": [
        {
          "field": "category",
          "equals": "Administrative"
        },
        {
          "field": "level",
          "equals": "Error"
        }
      ]
    },
    "actions": {
      "actionGroups": [
        {
          "actionGroupId": "/subscriptions/187f412d-1758-44d9-b052-169e2564721d/resourceGroups/MyResourceGroup/providers/microsoft.insights/actionGroups/SampleActionGroup",
          "webhookProperties": {
            "sampleWebhookProperty": "SamplePropertyValue"
          }
        }
      ]
    },
    "enabled": true,
    "description": "Description of sample Activity Log Alert rule."
  }
}

Definitions

Name Description
ActionGroup

A pointer to an Azure Action Group.

ActionList

A list of Activity Log Alert rule actions.

ActivityLogAlertResource

An Activity Log Alert rule resource.

AlertRuleAllOfCondition

An Activity Log Alert rule condition that is met when all its member conditions are met.

AlertRuleAnyOfOrLeafCondition

An Activity Log Alert rule condition that is met when all its member conditions are met. Each condition can be of one of the following types: Important: Each type has its unique subset of properties. Properties from different types CANNOT exist in one condition.

  • Leaf Condition - must contain 'field' and either 'equals' or 'containsAny'. Please note, 'anyOf' should not be set in a Leaf Condition.
  • AnyOf Condition - must contain only 'anyOf' (which is an array of Leaf Conditions). Please note, 'field', 'equals' and 'containsAny' should not be set in an AnyOf Condition.
AlertRuleLeafCondition

An Activity Log Alert rule condition that is met by comparing the field and value of an Activity Log event. This condition must contain 'field' and either 'equals' or 'containsAny'.

ErrorResponse

The error response.

ActionGroup

A pointer to an Azure Action Group.

Name Type Description
actionGroupId

string

The resource ID of the Action Group. This cannot be null or empty.

webhookProperties

object

the dictionary of custom properties to include with the post operation. These data are appended to the webhook payload.

ActionList

A list of Activity Log Alert rule actions.

Name Type Description
actionGroups

ActionGroup[]

The list of the Action Groups.

ActivityLogAlertResource

An Activity Log Alert rule resource.

Name Type Default value Description
id

string

The resource Id.

location

string

global

The location of the resource. Azure Activity Log Alert rules are supported on Global, West Europe and North Europe regions.

name

string

The name of the resource.

properties.actions

ActionList

The actions that will activate when the condition is met.

properties.condition

AlertRuleAllOfCondition

The condition that will cause this alert to activate.

properties.description

string

A description of this Activity Log Alert rule.

properties.enabled

boolean

True

Indicates whether this Activity Log Alert rule is enabled. If an Activity Log Alert rule is not enabled, then none of its actions will be activated.

properties.scopes

string[]

A list of resource IDs that will be used as prefixes. The alert will only apply to Activity Log events with resource IDs that fall under one of these prefixes. This list must include at least one item.

tags

object

The tags of the resource.

type

string

The type of the resource.

AlertRuleAllOfCondition

An Activity Log Alert rule condition that is met when all its member conditions are met.

Name Type Description
allOf

AlertRuleAnyOfOrLeafCondition[]

The list of Activity Log Alert rule conditions.

AlertRuleAnyOfOrLeafCondition

An Activity Log Alert rule condition that is met when all its member conditions are met. Each condition can be of one of the following types: Important: Each type has its unique subset of properties. Properties from different types CANNOT exist in one condition.

  • Leaf Condition - must contain 'field' and either 'equals' or 'containsAny'. Please note, 'anyOf' should not be set in a Leaf Condition.
  • AnyOf Condition - must contain only 'anyOf' (which is an array of Leaf Conditions). Please note, 'field', 'equals' and 'containsAny' should not be set in an AnyOf Condition.
Name Type Description
anyOf

AlertRuleLeafCondition[]

An Activity Log Alert rule 'anyOf' condition.
An Activity Log Alert rule condition that is met when at least one of its member leaf conditions are met.

containsAny

string[]

The value of the event's field will be compared to the values in this array (case-insensitive) to determine if the condition is met.

equals

string

The value of the event's field will be compared to this value (case-insensitive) to determine if the condition is met.

field

string

The name of the Activity Log event's field that this condition will examine. The possible values for this field are (case-insensitive): 'resourceId', 'category', 'caller', 'level', 'operationName', 'resourceGroup', 'resourceProvider', 'status', 'subStatus', 'resourceType', or anything beginning with 'properties'.

AlertRuleLeafCondition

An Activity Log Alert rule condition that is met by comparing the field and value of an Activity Log event. This condition must contain 'field' and either 'equals' or 'containsAny'.

Name Type Description
containsAny

string[]

The value of the event's field will be compared to the values in this array (case-insensitive) to determine if the condition is met.

equals

string

The value of the event's field will be compared to this value (case-insensitive) to determine if the condition is met.

field

string

The name of the Activity Log event's field that this condition will examine. The possible values for this field are (case-insensitive): 'resourceId', 'category', 'caller', 'level', 'operationName', 'resourceGroup', 'resourceProvider', 'status', 'subStatus', 'resourceType', or anything beginning with 'properties'.

ErrorResponse

The error response.

Name Type Description
code

string

The error code.

message

string

The error message indicating why the operation failed.