Alerts - Get Summary

Get a summarized count of your alerts grouped by various parameters (e.g. grouping by 'Severity' returns the count of alerts for each severity).

GET https://management.azure.com/{scope}/providers/Microsoft.AlertsManagement/alertsSummary?groupby={groupby}&api-version=2019-03-01
GET https://management.azure.com/{scope}/providers/Microsoft.AlertsManagement/alertsSummary?groupby={groupby}&includeSmartGroupsCount={includeSmartGroupsCount}&targetResource={targetResource}&targetResourceType={targetResourceType}&targetResourceGroup={targetResourceGroup}&monitorService={monitorService}&monitorCondition={monitorCondition}&severity={severity}&alertState={alertState}&alertRule={alertRule}&timeRange={timeRange}&customTimeRange={customTimeRange}&api-version=2019-03-01

URI Parameters

Name In Required Type Description
scope
path True
  • string

scope here is resourceId for which alert is created.

api-version
query True

API version.

groupby
query True

This parameter allows the result set to be grouped by input fields. For example, groupby=severity,alertstate.

alertRule
query
  • string

Filter by specific alert rule. Default value is to select all.

alertState
query

Filter by state of the alert instance. Default value is to select all.

customTimeRange
query
  • string

Filter by custom time range in the format / where time is in (ISO-8601 format)'. Permissible values is within 30 days from query time. Either timeRange or customTimeRange could be used but not both. Default is none.

includeSmartGroupsCount
query
  • boolean

Include count of the SmartGroups as part of the summary. Default value is 'false'.

monitorCondition
query

Filter by monitor condition which is either 'Fired' or 'Resolved'. Default value is to select all.

monitorService
query

Filter by monitor service which generates the alert instance. Default value is select all.

severity
query

Filter by severity. Default value is select all.

targetResource
query
  • string

Filter by target resource( which is full ARM ID) Default value is select all.

targetResourceGroup
query
  • string

Filter by target resource group name. Default value is select all.

targetResourceType
query
  • string

Filter by target resource type. Default value is select all.

timeRange
query

Filter by time range by below listed values. Default value is 1 day.

Responses

Name Type Description
200 OK

OK. Alert summary returned.

Other Status Codes

Error response describing why the operation failed.

Examples

Summary

Sample Request

GET https://management.azure.com/subscriptions/1e3ff1c0-771a-4119-a03b-be82a51e232d/providers/Microsoft.AlertsManagement/alertsSummary?groupby=severity,alertState&api-version=2019-03-01

Sample Response

{
  "properties": {
    "groupedby": "severity",
    "smartGroupsCount": 100,
    "total": 14189,
    "values": [
      {
        "name": "Sev0",
        "count": 6517,
        "groupedby": "alertState",
        "values": [
          {
            "name": "New",
            "count": 6517
          },
          {
            "name": "Acknowledged",
            "count": 0
          },
          {
            "name": "Closed",
            "count": 0
          }
        ]
      },
      {
        "name": "Sev1",
        "count": 3175,
        "groupedby": "alertState",
        "values": [
          {
            "name": "New",
            "count": 3175
          },
          {
            "name": "Acknowledged",
            "count": 0
          },
          {
            "name": "Closed",
            "count": 0
          }
        ]
      },
      {
        "name": "Sev2",
        "count": 1120,
        "groupedby": "alertState",
        "values": [
          {
            "name": "New",
            "count": 1120
          },
          {
            "name": "Acknowledged",
            "count": 0
          },
          {
            "name": "Closed",
            "count": 0
          }
        ]
      },
      {
        "name": "Sev3",
        "count": 1902,
        "groupedby": "alertState",
        "values": [
          {
            "name": "New",
            "count": 1902
          },
          {
            "name": "Acknowledged",
            "count": 0
          },
          {
            "name": "Closed",
            "count": 0
          }
        ]
      },
      {
        "name": "Sev4",
        "count": 1475,
        "groupedby": "alertState",
        "values": [
          {
            "name": "New",
            "count": 1475
          },
          {
            "name": "Acknowledged",
            "count": 0
          },
          {
            "name": "Closed",
            "count": 0
          }
        ]
      }
    ]
  },
  "id": "/subscriptions/1e3ff1c0-771a-4119-a03b-be82a51e232d/providers/Microsoft.AlertsManagement/alertsSummary/current",
  "type": "Microsoft.AlertsManagement/alertsSummary",
  "name": "current"
}

Definitions

AlertsManagementErrorResponse

An error response from the service.

alertsSummary

Summary of alerts based on the input filters and 'groupby' parameters.

alertsSummaryGroup

Group the result set.

AlertsSummaryGroupByFields

This parameter allows the result set to be grouped by input fields. For example, groupby=severity,alertstate.

alertsSummaryGroupItem

Alerts summary group item

AlertState

Alert object state, which can be modified by the user.

api-version

API version.

errorResponseBody

Details of error response.

MonitorCondition

Can be 'Fired' or 'Resolved', which represents whether the underlying conditions have crossed the defined alert rule thresholds.

MonitorService

Monitor service on which the rule(monitor) is set.

Severity

Severity of alert Sev0 being highest and Sev4 being lowest.

TimeRange

Filter by time range by below listed values. Default value is 1 day.

AlertsManagementErrorResponse

An error response from the service.

Name Type Description
error

Details of error response.

alertsSummary

Summary of alerts based on the input filters and 'groupby' parameters.

Name Type Description
id
  • string

Azure resource Id

name
  • string

Azure resource name

properties

Group the result set.

type
  • string

Azure resource type

alertsSummaryGroup

Group the result set.

Name Type Description
groupedby
  • string

Name of the field aggregated

smartGroupsCount
  • integer

Total count of the smart groups.

total
  • integer

Total count of the result set.

values

List of the items

AlertsSummaryGroupByFields

This parameter allows the result set to be grouped by input fields. For example, groupby=severity,alertstate.

Name Type Description
alertRule
  • string
alertState
  • string
monitorCondition
  • string
monitorService
  • string
severity
  • string
signalType
  • string

alertsSummaryGroupItem

Alerts summary group item

Name Type Description
count
  • integer

Count of the aggregated field

groupedby
  • string

Name of the field aggregated

name
  • string

Value of the aggregated field

values

List of the items

AlertState

Alert object state, which can be modified by the user.

Name Type Description
Acknowledged
  • string
Closed
  • string
New
  • string

api-version

API version.

Name Type Description
2018-05-05
  • string

errorResponseBody

Details of error response.

Name Type Description
code
  • string

Error code, intended to be consumed programmatically.

details

A list of additional details about the error.

message
  • string

Description of the error, intended for display in user interface.

target
  • string

Target of the particular error, for example name of the property.

MonitorCondition

Can be 'Fired' or 'Resolved', which represents whether the underlying conditions have crossed the defined alert rule thresholds.

Name Type Description
Fired
  • string
Resolved
  • string

MonitorService

Monitor service on which the rule(monitor) is set.

Name Type Description
ActivityLog Administrative
  • string
ActivityLog Autoscale
  • string
ActivityLog Policy
  • string
ActivityLog Recommendation
  • string
ActivityLog Security
  • string
Application Insights
  • string
Log Analytics
  • string
Nagios
  • string
Platform
  • string
Resource Health
  • string
SCOM
  • string
ServiceHealth
  • string
SmartDetector
  • string
VM Insights
  • string
Zabbix
  • string

Severity

Severity of alert Sev0 being highest and Sev4 being lowest.

Name Type Description
Sev0
  • string
Sev1
  • string
Sev2
  • string
Sev3
  • string
Sev4
  • string

TimeRange

Filter by time range by below listed values. Default value is 1 day.

Name Type Description
1d
  • string
1h
  • string
30d
  • string
7d
  • string