az monitor action-rule

Note

This reference is part of the alertsmanagement extension for Azure CLI and requires version 2.3.1 or higher. The extension will automatically install the first time you run an az monitor action-rule command. Learn more about extensions.

Commands to manage action rule.

Commands

az monitor action-rule create

Create an action rule.

az monitor action-rule delete

Delete an action rule.

az monitor action-rule list

List all action rules of the subscription, created in given resource group and given input filters.

az monitor action-rule show

Get an action rule.

az monitor action-rule update

Update an action rule.

az monitor action-rule create

Create an action rule.

az monitor action-rule create --name
                              --resource-group
                              --rule-type {ActionGroup, Diagnostics, Suppression}
                              [--alert-context]
                              [--alert-description]
                              [--alert-rule]
                              [--description]
                              [--location]
                              [--monitor-condition]
                              [--monitor-service]
                              [--scope]
                              [--scope-type {Resource, ResourceGroup}]
                              [--severity]
                              [--status {Disabled, Enabled}]
                              [--suppression-end-date]
                              [--suppression-end-time]
                              [--suppression-recurrence]
                              [--suppression-recurrence-type {Always, Daily, Monthly, Once, Weekly}]
                              [--suppression-start-date]
                              [--suppression-start-time]
                              [--tags]
                              [--target-resource-type]

Examples

Create an action rule to suppress notifications for all Sev4 alerts on all VMs within the subscription every weekend

az monitor action-rule create --resource-group rg --name rule --location Global --status Enabled --rule-type Suppression --severity Equals Sev4 --target-resource-type Equals Microsoft.Compute/VirtualMachines --suppression-recurrence-type Weekly --suppression-recurrence 0 6 --suppression-start-date 12/09/2018 --suppression-end-date 12/18/2018 --suppression-start-time 06:00:00 --suppression-end-time 14:00:00

Create an action rule to suppress notifications for all log alerts generated for Computer-01 in subscription indefinitely as it's going through maintenance

az monitor action-rule create --resource-group rg --name rule --location Global --status Enabled --rule-type Suppression --suppression-recurrence-type Always --alert-context Contains Computer-01 --monitor-service Equals "Log Analytics"

Create an action rule to suppress notifications in a resource group

az monitor action-rule create --resource-group rg --name rule --location Global --status Enabled --rule-type Suppression --scope-type ResourceGroup --scope /subscriptions/0b1f6471-1bf0-4dda-aec3-cb9272f09590/resourceGroups/rg --suppression-recurrence-type Always --alert-context Contains Computer-01 --monitor-service Equals "Log Analytics"

Required Parameters

--name -n

Name of action rule.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--rule-type

Indicate type of action rule.

accepted values: ActionGroup, Diagnostics, Suppression

Optional Parameters

--alert-context

Filter alerts by alert context (payload).

--alert-description

Filter alerts by alert rule description.

--alert-rule

Filter alerts by alert rule name or ID.

--description

Description of action rule.

--location -l

Location. Values from: az account list-locations. You can configure the default location using az configure --defaults location=<location>.

--monitor-condition

Filter alerts by monitor condition.

--monitor-service

Filter alerts by monitor service.

--scope

List of ARM IDs (space-delimited) of the given scope type which will be the target of the given action rule.

--scope-type

Type of target scope.

accepted values: Resource, ResourceGroup
--severity

Filter alerts by severity. All filters should follow format "operator value1 value2 ... valueN". Operator is one of Equals, NotEquals, Contains and DoesNotContain.

--status

Indicate if the given action rule is enabled or disabled. Default to enabled.

accepted values: Disabled, Enabled
--suppression-end-date

End date for suppression. Format: MM/DD/YYYY.

--suppression-end-time

End time for suppression. Format: hh:mm:ss.

--suppression-recurrence

List of recurrence pattern values, delimited by space. If --suppression-recurrence-type is Weekly, allowed values range from 0 to 6. 0 stands for Sunday, 1 stands for Monday, ..., 6 stands for Saturday. If --suppression-recurrence-type is Monthly, allowed values range from 1 to 31, stands for day of month.

--suppression-recurrence-type

Specifies when the suppression should be applied.

accepted values: Always, Daily, Monthly, Once, Weekly
--suppression-start-date

Start date for suppression. Format: MM/DD/YYYY.

--suppression-start-time

Start time for suppression. Format: hh:mm:ss.

--tags

Space-separated tags: key[=value] [key[=value] ...]. Use "" to clear existing tags.

--target-resource-type

Filter alerts by target resource type.

az monitor action-rule delete

Delete an action rule.

az monitor action-rule delete --name
                              --resource-group

Examples

Delete an action rule

az monitor action-rule delete --resource-group rg --name rule

Required Parameters

--name -n

Name of action rule.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

az monitor action-rule list

List all action rules of the subscription, created in given resource group and given input filters.

az monitor action-rule list [--action-group]
                            [--alert-rule-id]
                            [--description]
                            [--impacted-scope]
                            [--monitor-service]
                            [--name]
                            [--resource-group]
                            [--severity]
                            [--target-resource]
                            [--target-resource-group]
                            [--target-resource-type]

Examples

List action rules of the subscription

az monitor action-rule list

List action rules of the resource group

az monitor action-rule list --resource-group rg

Optional Parameters

--action-group

Filter by action group configured as part of action rule.

--alert-rule-id

Filter by alert rule ID.

--description

Filter by alert rule description.

--impacted-scope

Filter by impacted/target scope (provide comma separated list for multiple scopes). The value should be an well constructed ARM id of the scope.

--monitor-service

Filter by monitor service which generates the alert instance. Default value is select all.

--name

Filter by action rule name.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--severity

Filter by severity. Default value is select all.

--target-resource

Filter by target resource (which is full ARM ID). Default value is select all.

--target-resource-group

Filter by target resource group name. Default value is select all.

--target-resource-type

Filter by target resource type. Default value is select all.

az monitor action-rule show

Get an action rule.

az monitor action-rule show --name
                            --resource-group

Examples

Get an action rule

az monitor action-rule show --resource-group rg --name rule

Required Parameters

--name -n

Name of action rule.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

az monitor action-rule update

Update an action rule.

az monitor action-rule update --name
                              --resource-group
                              [--add]
                              [--force-string]
                              [--location]
                              [--remove]
                              [--set]
                              [--status {Disabled, Enabled}]
                              [--tags]

Examples

Update an action rule

az monitor action-rule update --resource-group rg --name rule --status Disabled

Required Parameters

--name -n

Name of action rule.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--add

Add an object to a list of objects by specifying a path and key value pairs. Example: --add property.listProperty <key=value, string or JSON string>.

--force-string

When using 'set' or 'add', preserve string literals instead of attempting to convert to JSON.

--location -l

Location. Values from: az account list-locations. You can configure the default location using az configure --defaults location=<location>.

--remove

Remove a property or an element from a list. Example: --remove property.list OR --remove propertyToRemove.

--set

Update an object by specifying a property path and value to set. Example: --set property1.property2=.

--status

Indicates if the given action rule is enabled or disabled.

accepted values: Disabled, Enabled
--tags

Space-separated tags: key[=value] [key[=value] ...]. Use "" to clear existing tags.