用於 Azure 監視器活動記錄警示規則的 Resource Manager 範本範例 (系統管理類別)
本文包含 Azure Resource Manager 範本的範例,可用來在 Azure 監視器中為系統管理事件建立和設定活動記錄警示。
注意
如需 Azure 監視器的可用範例清單,以及在 Azure 訂用帳戶中的部署指引,請參閱 Azure Resource Manager 範例。
系統管理事件類別的活動記錄警示規則條件:
本範例會將條件設定為 [管理] 類別:
"condition": {
"allOf": [
{
"field": "category",
"equals": "Administrative"
},
{
"field": "resourceType",
"equals": "Microsoft.Resources/deployments"
}
]
}
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"activityLogAlertName": {
"type": "string",
"metadata": {
"description": "Unique name (within the Resource Group) for the Activity log alert."
}
},
"activityLogAlertEnabled": {
"type": "bool",
"defaultValue": true,
"metadata": {
"description": "Indicates whether or not the alert is enabled."
}
},
"actionGroupResourceId": {
"type": "string",
"metadata": {
"description": "Resource Id for the Action group."
}
}
},
"resources": [
{
"type": "Microsoft.Insights/activityLogAlerts",
"apiVersion": "2017-04-01",
"name": "[parameters('activityLogAlertName')]",
"location": "Global",
"properties": {
"enabled": "[parameters('activityLogAlertEnabled')]",
"scopes": [
"[subscription().id]"
],
"condition": {
"allOf": [
{
"field": "category",
"equals": "Administrative"
},
{
"field": "operationName",
"equals": "Microsoft.Resources/deployments/write"
},
{
"field": "resourceType",
"equals": "Microsoft.Resources/deployments"
}
]
},
"actions": {
"actionGroups":
[
{
"actionGroupId": "[parameters('actionGroupResourceId')]"
}
]
}
}
}
]
}