az monitor scheduled-query
Note
This reference is part of the scheduled-query extension for the Azure CLI (version 2.20.0 or higher). The extension will automatically install the first time you run an az monitor scheduled-query command. Learn more about extensions.
Commands to manage scheduled queries.
Commands
| az monitor scheduled-query create |
Create a scheduled query. |
| az monitor scheduled-query delete |
Delete a scheduled query. |
| az monitor scheduled-query list |
List all scheduled queries. |
| az monitor scheduled-query show |
Show detail of a scheduled query. |
| az monitor scheduled-query update |
Update a scheduled query. |
az monitor scheduled-query create
Create a scheduled query.
az monitor scheduled-query create --condition
--name
--resource-group
--scopes
[--action-groups]
[--auto-mitigate {false, true}]
[--check-ws-alerts-storage {false, true}]
[--condition-query]
[--custom-properties]
[--description]
[--disabled {false, true}]
[--evaluation-frequency]
[--location]
[--mad]
[--severity]
[--skip-query-validation {false, true}]
[--tags]
[--target-resource-type]
[--window-size]Examples
Create a scheduled query for a VM.
az monitor scheduled-query create -g {rg} -n {name1} --scopes {vm_id} --condition "count 'Placeholder_1' > 360 resource id _ResourceID at least 1 violations out of 5 aggregated points" --condition-query Placeholder_1="union Event, Syslog | where TimeGenerated > ago(1h) | where EventLevelName=='Error' or SeverityLevel=='err'" --description "Test rule"Create a scheduled query for VMs in a resource group.
az monitor scheduled-query create -g {rg} -n {name1} --scopes {rg_id} --condition "count 'Placeholder_1' > 360 resource id _ResourceID at least 1 violations out of 5 aggregated points" --condition-query Placeholder_1="union Event, Syslog | where TimeGenerated > ago(1h) | where EventLevelName=='Error' or SeverityLevel=='err'" --description "Test rule"Required Parameters
The condition which triggers the rule.
Name of the scheduled query rule.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Space-separated list of scopes the rule applies to. The resources specified in this parameter must be of the same type and exist in the same location.
Optional Parameters
Action Group resource Ids to invoke when the alert fires.
The flag that indicates whether the alert should be automatically resolved or not. The default is true.
The flag which indicates whether this scheduled query rule should be stored in the customer's storage.
Query deteils to replace the placeholders in --condition argument.
The properties of an alert payload.
Free-text description of the rule.
Disable the scheduled query.
Frequency with which to evaluate the rule in "##h##m##s" format.
Location. Values from: az account list-locations. You can configure the default location using az configure --defaults location=<location>.
Mute actions for the chosen period of time (in ISO 8601 duration format) after the alert is fired.
Severity of the alert from 0 (critical) to 4 (verbose).
The flag which indicates whether the provided query should be validated or not.
Space-separated tags: key[=value] [key[=value] ...]. Use "" to clear existing tags.
The resource type of the target resource(s) in scopes. This must be provided when scopes is resource group or subscription.
Time over which to aggregate metrics in "##h##m##s" format.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az monitor scheduled-query delete
Delete a scheduled query.
az monitor scheduled-query delete --name
--resource-group
[--yes]Required Parameters
Name of the scheduled query rule.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Optional Parameters
Do not prompt for confirmation.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az monitor scheduled-query list
List all scheduled queries.
az monitor scheduled-query list [--resource-group]Optional Parameters
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az monitor scheduled-query show
Show detail of a scheduled query.
az monitor scheduled-query show --name
--resource-groupRequired Parameters
Name of the scheduled query rule.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az monitor scheduled-query update
Update a scheduled query.
az monitor scheduled-query update --name
--resource-group
[--action-groups]
[--add]
[--auto-mitigate {false, true}]
[--check-ws-alerts-storage {false, true}]
[--condition]
[--condition-query]
[--custom-properties]
[--description]
[--disabled {false, true}]
[--evaluation-frequency]
[--force-string]
[--mad]
[--remove]
[--set]
[--severity]
[--skip-query-validation {false, true}]
[--tags]
[--target-resource-type]
[--window-size]Required Parameters
Name of the scheduled query rule.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Optional Parameters
Action Group resource Ids to invoke when the alert fires.
Add an object to a list of objects by specifying a path and key value pairs. Example: --add property.listProperty <key=value, string or JSON string>.
The flag that indicates whether the alert should be automatically resolved or not. The default is true.
The flag which indicates whether this scheduled query rule should be stored in the customer's storage.
The condition which triggers the rule.
Query deteils to replace the placeholders in --condition argument.
The properties of an alert payload.
Free-text description of the rule.
Disable the scheduled query.
Frequency with which to evaluate the rule in "##h##m##s" format.
When using 'set' or 'add', preserve string literals instead of attempting to convert to JSON.
Mute actions for the chosen period of time (in ISO 8601 duration format) after the alert is fired.
Remove a property or an element from a list. Example: --remove property.list OR --remove propertyToRemove.
Update an object by specifying a property path and value to set. Example: --set property1.property2=.
Severity of the alert from 0 (critical) to 4 (verbose).
The flag which indicates whether the provided query should be validated or not.
Space-separated tags: key[=value] [key[=value] ...]. Use "" to clear existing tags.
The resource type of the target resource(s) in scopes. This must be provided when scopes is resource group or subscription.
Time over which to aggregate metrics in "##h##m##s" format.
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
الملاحظات
إرسال الملاحظات وعرضها المتعلقة بـ