Created
October 30, 2018 14:58
-
-
Save krnese/3ed46a8b2a9e4be10377b70d830e57bb to your computer and use it in GitHub Desktop.
new alert api
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", | |
"contentVersion": "1.0.0.0", | |
"parameters": { | |
"actionGroupId": { | |
"defaultValue": "/subscriptions/4b7561c1-24a7-468f-8b80-bf79cc29d48b/resourceGroups/m2-oms-europe/providers/Microsoft.Insights/actionGroups/defaultGroup", | |
"type": "string", | |
"metadata": { | |
"description": "Action group resource Id" | |
} | |
}, | |
"logAnalyticsResourceId": { | |
"defaultValue": "/subscriptions/4b7561c1-24a7-468f-8b80-bf79cc29d48b/resourceGroups/m2-oms-europe/providers/Microsoft.OperationalInsights/workspaces/m2-oms-westeurope", | |
"type": "string", | |
"metadata": { | |
"description": "The Log Analytics Workspace resourceId to be referenced for the Alert." | |
} | |
}, | |
"logAnalyticsWorkspaceLocation": { | |
"defaultValue": "westeurope", | |
"type": "String", | |
"metadata": { | |
"description": "The Log Analytics Workspace location." | |
} | |
} | |
}, | |
"variables": { | |
}, | |
"resources": [ | |
{ | |
"type": "Microsoft.Insights/scheduledQueryRules", | |
"name": "keyVaultAlert", | |
"apiVersion": "2018-04-16", | |
"location": "[parameters( 'logAnalyticsWorkspaceLocation' )]", | |
"properties": { | |
"description": "Notifies when someone successfully has retrieved secrets from KeyVault.", | |
"enabled": "true", | |
"source": { | |
"query": "AzureDiagnostics | where OperationName == 'SecretGet' | where ResultType == 'Success' | where trustedService_s != 'AzureResourceManager/Deployment'", | |
"dataSourceId": "[parameters('logAnalyticsResourceId')]", | |
"queryType": "ResultCount" | |
}, | |
"schedule": { | |
"frequencyInMinutes": 5, | |
"timeWindowInMinutes": 5 | |
}, | |
"action": { | |
"odata.type": "Microsoft.WindowsAzure.Management.Monitoring.Alerts.Models.Microsoft.AppInsights.Nexus.DataContracts.Resources.ScheduledQueryRules.AlertingAction", | |
"severity": "0", | |
"throttlingInMin": 0, | |
"aznsAction": { | |
"actionGroup": [ | |
"[parameters('actionGroupId')]" | |
], | |
"emailSubject": "KeyVaul Secret Alert!", | |
"customWebhookPayload": "{}" | |
}, | |
"trigger": { | |
"thresholdOperator": "GreaterThan", | |
"threshold": 0, | |
"metricTrigger": { | |
"thresholdOperator": "GreaterThan", | |
"threshold": 0, | |
"metricTriggerType": "Total", | |
"metricColumn": "AggregatedValue" | |
} | |
} | |
} | |
} | |
} | |
], | |
"outputs": {} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment