Get-AzAlert

Get Alerts Information

Syntax

Get-AzAlert
   [-TargetResourceType <String>]
   [-TargetResourceGroup <String>]
   [-MonitorService <String>]
   [-MonitorCondition <String>]
   [-Severity <String>]
   [-State <String>]
   [-AlertRuleId <String>]
   [-SmartGroupId <String>]
   [-IncludeContext <Boolean>]
   [-IncludeEgressConfig <Boolean>]
   [-PageCount <Int32>]
   [-SortBy <String>]
   [-SortOrder <String>]
   [-TimeRange <String>]
   [-CustomTimeRange <String>]
   [-Select <String>]
   [-DefaultProfile <IAzureContextContainer>]
   [<CommonParameters>]
Get-AzAlert
   -AlertId <String>
   [-DefaultProfile <IAzureContextContainer>]
   [<CommonParameters>]
Get-AzAlert
   [-TargetResourceId <String>]
   [-MonitorService <String>]
   [-MonitorCondition <String>]
   [-Severity <String>]
   [-State <String>]
   [-AlertRuleId <String>]
   [-SmartGroupId <String>]
   [-IncludeContext <Boolean>]
   [-IncludeEgressConfig <Boolean>]
   [-PageCount <Int32>]
   [-SortBy <String>]
   [-SortOrder <String>]
   [-TimeRange <String>]
   [-CustomTimeRange <String>]
   [-Select <String>]
   [-DefaultProfile <IAzureContextContainer>]
   [<CommonParameters>]

Description

Get-AzAlert cmdlet gets fired alert instances.

Examples

Example 1

Get-AzAlert -Severity "Sev2" -MonitorCondition "Fired" -IncludeContext $true

List all alerts with Sev2 severity and Fired monitor condition. Setting IncludeContext to true, include custom payload of alert. Use Format-List to get the complete details of each alert in list.

Example 2

Get-AzAlert -AlertId "afbf1b3a-0a6c-4f19-9c9b-644ccd7b1529" | Format-List

Get Alert details by Id (GUID) or Resource Id (Complete ARM Id)

Example 3

Get Alerts Information. (autogenerated)

Get-AzAlert -IncludeContext $true -TimeRange '1h'

Parameters

-AlertId

Unique Identifier of Alert / ResourceId of alert.

Type:String
Aliases:ResourceId
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-AlertRuleId

Filter on Alert Rule Id

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-CustomTimeRange

Supported format - <start-time>/<end-time> where time is in ISO-8601 format

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-DefaultProfile

The credentials, account, tenant, and subscription used for communication with Azure.

Type:IAzureContextContainer
Aliases:AzContext, AzureRmContext, AzureCredential
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-IncludeContext

Include context (custom payload) of alert

Type:Boolean
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-IncludeEgressConfig

Include EgressConfig

Type:Boolean
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-MonitorCondition

Filter on Monitor Condition

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-MonitorService

Filter on Monitor Service

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-PageCount

Number of alerts to be fetched in a page.

Type:Int32
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-Select

Project the required fields out of essentials. Expected input is comma-separated.

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-Severity

Filter on Severity of alert

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-SmartGroupId

Filter all the alerts having the Smart Group Id

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-SortBy

Alert property to use while sorting

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-SortOrder

Sort Order

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-State

Filter on State of alert

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-TargetResourceGroup

Filter on Resource group name of the target resource of alert.

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-TargetResourceId

Filter on Resource Id of the target resource of alert.

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-TargetResourceType

Filter on Resource type of the target resource of alert.

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-TimeRange

Supported time range values - 1h, 1d, 7d, 30d (Default is 1d)

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False

Inputs

None

Outputs

PSAlert