Skip to content

Instantly share code, notes, and snippets.

@bytemech

bytemech/loganalytics.json

Last active September 29, 2019 08:13
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save bytemech/d85238096a2e86bf5fa6d9056e34f6d7 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save bytemech/d85238096a2e86bf5fa6d9056e34f6d7 to your computer and use it in GitHub Desktop.
Download ZIP
Test Log Analytics
Raw
loganalytics.json
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"Test_Alert_name": {
"defaultValue": "Test Alert",
"type": "string",
"metadata": {
"description": "Name for the Test Alert"
}
},
"loganalytics_workspace_name": {
"defaultValue": "Testmonitor",
"type": "string",
"metadata": {
"description": "Name for the Log Analytics Workspace to be deployed"
}
},
"actionGroups_TestAlert_AG_name": {
"defaultValue": "TestAlert_AG",
"type": "string",
"metadata": {
"description": "Name for the Test Alert Action Group"
}
},
"address-to-email": {
"defaultValue": "JCotton@newsignature.com",
"type": "string",
"metadata": {
"description": "Address to email when the alert fires"
}
},
"location": {
"defaultValue": "uksouth",
"type": "string",
"metadata": {
"description": "Location to deploy required resources in"
}
},
"test_alert_query": {
"type": "string",
"metadata": {
"description": "Test alert query"
}
}
},
"variables": {},
"resources": [
{
"type": "Microsoft.Insights/actionGroups",
"apiVersion": "2019-03-01",
"name": "[concat(parameters('actionGroups_TestAlert_AG_name'),uniqueString(subscription().subscriptionId))]",
"location": "Global",
"properties": {
"groupShortName": "vm_ag",
"enabled": true,
"emailReceivers": [
{
"name": "[concat('Email Alert',uniqueString(subscription().subscriptionId))]",
"emailAddress": "[parameters('address-to-email')]",
"useCommonAlertSchema": false
}
],
"smsReceivers": [],
"webhookReceivers": [],
"itsmReceivers": [],
"azureAppPushReceivers": [],
"automationRunbookReceivers": [],
"voiceReceivers": [],
"logicAppReceivers": [],
"azureFunctionReceivers": []
}
},
{
"type": "Microsoft.OperationalInsights/workspaces",
"apiVersion": "2015-11-01-preview",
"name": "[concat(parameters('loganalytics_workspace_name'),uniqueString(subscription().subscriptionId))]",
"location": "[parameters('location')]",
"properties": {
"source": "Azure",
"sku": {
"name": "PerGB2018"
},
"retentionInDays": 365
}
},
{
"type": "Microsoft.Insights/scheduledQueryRules",
"apiVersion": "2018-04-16",
"name": "[concat(parameters('test_alert_name'),uniqueString(parameters('test_alert_query')))]",
"location": "[parameters('location')]",
"dependsOn": [
"[resourceId('microsoft.operationalinsights/workspaces', concat(parameters('loganalytics_workspace_name'),uniqueString(subscription().subscriptionId)))]",
"[resourceId('Microsoft.Insights/actionGroups', concat(parameters('actionGroups_TestAlert_AG_name'),uniqueString(subscription().subscriptionId)))]"
],
"properties": {
"enabled": "true",
"source": {
"query": "[parameters('test_alert_query')]",
"authorizedResources": [],
"dataSourceId": "[resourceId('microsoft.operationalinsights/workspaces', concat(parameters('loganalytics_workspace_name'),uniqueString(subscription().subscriptionId)))]",
"queryType": "ResultCount"
},
"schedule": {
"frequencyInMinutes": 5,
"timeWindowInMinutes": 5
},
"action": {
"odata.type": "Microsoft.WindowsAzure.Management.Monitoring.Alerts.Models.Microsoft.AppInsights.Nexus.DataContracts.Resources.ScheduledQueryRules.AlertingAction",
"severity": "3",
"aznsAction": {
"actionGroup": [
"[resourceId('Microsoft.Insights/actionGroups', concat(parameters('actionGroups_TestAlert_AG_name'),uniqueString(subscription().subscriptionId)))]"
]
},
"trigger": {
"Operator": "GreaterThan",
"Threshold": "1"
}
}
}
}
]
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment