< Back
Set-AzureRmActivityLogAlert
Post
NAME Set-AzureRmActivityLogAlert
SYNOPSIS
Creates a new or sets an existing activity log alert.
SYNTAX
Set-AzureRmActivityLogAlert -Action
<System.Collections.Generic.List`1[Microsoft.Azure.Management.Monitor.Management.Models.ActivityLogAlertActionGroup]> -Condition
<System.Collections.Generic.List`1[Microsoft.Azure.Management.Monitor.Management.Models.ActivityLogAlertLeafCondition]> [-DefaultProfile
<IAzureContextContainer>] [-Description <String>] [-DisableAlert] -Location <String> -Name <String> -ResourceGroupName <String> -Scope
<System.Collections.Generic.List`1[System.String]> [-Tag <System.Collections.Generic.Dictionary`2[System.String,System.String]>] [-Confirm]
[-WhatIf] [<CommonParameters>]
Set-AzureRmActivityLogAlert [-Action
<System.Collections.Generic.List`1[Microsoft.Azure.Management.Monitor.Management.Models.ActivityLogAlertActionGroup]>] [-Condition
<System.Collections.Generic.List`1[Microsoft.Azure.Management.Monitor.Management.Models.ActivityLogAlertLeafCondition]>] [-DefaultProfile
<IAzureContextContainer>] [-Description <String>] [-DisableAlert] [-Location <String>] -ResourceId <String> [-Scope
<System.Collections.Generic.List`1[System.String]>] [-Tag <System.Collections.Generic.Dictionary`2[System.String,System.String]>] [-Confirm]
[-WhatIf] [<CommonParameters>]
Set-AzureRmActivityLogAlert [-Action
<System.Collections.Generic.List`1[Microsoft.Azure.Management.Monitor.Management.Models.ActivityLogAlertActionGroup]>] [-Condition
<System.Collections.Generic.List`1[Microsoft.Azure.Management.Monitor.Management.Models.ActivityLogAlertLeafCondition]>] [-DefaultProfile
<IAzureContextContainer>] [-Description <String>] -InputObject <PSActivityLogAlertResource> [-Scope
<System.Collections.Generic.List`1[System.String]>] [-Tag <System.Collections.Generic.Dictionary`2[System.String,System.String]>] [-Confirm]
[-WhatIf] [<CommonParameters>]
DESCRIPTION
The Set-AzureRmActivityLogAlert cmdlet creates a new or sets an existing activity log alert. For tags, conditions, and actions the objects must be
created in advance and passed as parameters in this call as a comma separated (see the example below). This cmdlet implements the ShouldProcess
pattern, i.e. it might request confirmation from the user before actually creating/modifying the resource. NOTE : This cmdlet and its related ones
replaces the deprecated (November 2017) Add-AzureRmLogAlertRule .
PARAMETERS
-Action <System.Collections.Generic.List`1[Microsoft.Azure.Management.Monitor.Management.Models.ActivityLogAlertActionGroup]>
The list of action groups for the activity log alert.
Required? true
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-Condition <System.Collections.Generic.List`1[Microsoft.Azure.Management.Monitor.Management.Models.ActivityLogAlertLeafCondition]>
The list of conditions for the activity log alert. NOTE : In the list of conditions there must be at least one with the Field equal to
"Category". The backend responds with 400 (BadRequest) if this condition is not present.
Required? true
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-DefaultProfile <IAzureContextContainer>
The credentials, account, tenant, and subscription used for communication with azure
Required? false
Position? named
Default value None
Accept pipeline input? False
Accept wildcard characters? false
-Description <String>
The description of the alert resource.
Required? false
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-DisableAlert [<SwitchParameter>]
Allows the user to create a disabled the activity log alert. If not given, the alerts are created enabled.
Required? false
Position? named
Default value False
Accept pipeline input? False
Accept wildcard characters? false
-InputObject <PSActivityLogAlertResource>
Sets the InputObject tags property of the call to extract the required name, and resource group name properties.
Required? true
Position? named
Default value None
Accept pipeline input? True (ByValue)
Accept wildcard characters? false
-Location <String>
The location where the activity log alert will exist.
Required? true
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-Name <String>
The name of the activity log alert.
Required? true
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-ResourceGroupName <String>
The name of the resource group where the alert resource is going to exist.
Required? true
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-ResourceId <String>
Sets the ResourceId tags property of the call to extract the required name, resource group name properties.
Required? true
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-Scope <System.Collections.Generic.List`1[System.String]>
The list of scopes for the activity log alert.
Required? true
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-Tag <System.Collections.Generic.Dictionary`2[System.String,System.String]>
Sets the tags property of the activity log alert resource.
Required? false
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-Confirm [<SwitchParameter>]
Prompts you for confirmation before running the cmdlet.
Required? false
Position? named
Default value False
Accept pipeline input? False
Accept wildcard characters? false
-WhatIf [<SwitchParameter>]
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Required? false
Position? named
Default value False
Accept pipeline input? False
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (http://go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
None
This cmdlet does not accept any input.
OUTPUTS
Microsoft.Azure.Commands.Insights.OutputClasses.PSActivityLogAlertResource
NOTES
Example 1: Create an Activity Log Alert
PS C:\\>$location = 'Global'
PS C:\\>$alertName = 'myAlert'
PS C:\\>$resourceGroupName = 'theResourceGroupName'
PS C:\\>$condition1 = New-AzureRmActivityLogAlertCondition -Field 'field1' -Equals 'equals1'
PS C:\\>$condition2 = New-AzureRmActivityLogAlertCondition -Field 'field2' -Equals 'equals2'
PS C:\\>$dict = New-Object "System.Collections.Generic.Dictionary``2[System.String,System.String]"
PS C:\\>$dict.Add('key1', 'value1')
PS C:\\>$actionGrp1 = New-AzureRmActionGroup -ActionGroupId 'actiongr1' -WebhookProperties $dict
PS C:\\>Set-AzureRmActivityLogAlert -Location $location -Name $alertName -ResourceGroupName $resourceGroupName -Scope 'scope1','scope2' -Action
$actionGrp1 -Condition $condition1, $condition2
The first four commands create leaf condition and and action group. The final command creates an Activity Log Alert using the condition and the
action group.
Example 2: Create an Activity Log Alert disabled
PS C:\\>$location = 'Global'
PS C:\\>$alertName = 'myAlert'
PS C:\\>$resourceGroupName = 'theResourceGroupName'
PS C:\\>$condition1 = New-AzureRmActivityLogAlertCondition -Field 'field1' -Equals 'equals1'
PS C:\\>$condition2 = New-AzureRmActivityLogAlertCondition -Field 'field2' -Equals 'equals2'
PS C:\\>$dict = New-Object "System.Collections.Generic.Dictionary``2[System.String,System.String]"
PS C:\\>$dict.Add('key1', 'value1')
PS C:\\>$actionGrp1 = New-AzureRmActionGroup -ActionGroupId 'actiongr1' -WebhookProperties $dict
PS C:\\>Set-AzureRmActivityLogAlert -Location $location -Name $alertName -ResourceGroupName $resourceGroupName -Scope 'scope1','scope2' -Action
$actionGrp1 -Condition $condition1, $condition2 -DisableAlert
The first four commands create leaf condition and and action group. The final command creates an Activity Log Alert using the condition and the
action group, but it creates the alert disabled.
Example 3: Set an activity log alert based using a value from the pipe or the InputObject parameter
PS C:\\>Get-AzureRmActivityLogAlert -Name $alertName -ResourceGroupName $resourceGroupName | Set-AzureRmActivityLogAlert
PS C:\\>$alert = Get-AzureRmActivityLogAlert -Name $alertName -ResourceGroupName $resourceGroupName
PS C:\\>$alert.Description = 'Changing the description'
PS C:\\>$alert.Enabled = $false
PS C:\\>Set-AzureRmActivityLogAlert -InputObject $alert
The first command is similar to a nop, it sets the alert with the same values it already contained The rest of the commands retrieve the alert
rule, change the description and disable it, then use the InputObject parameter to persist those changes
Example 4: Set an activity log alert based using the ResourceId value from the pipe
PS C:\\>Find-AzureRmResource -ResourceGroupEquals "myResourceGroup" -ResourceNameEquals "myLogAlert" | Set-AzureRmActivityLogAlert -DisableAlert
If the given log alert rule exists this command disables it.
RELATED LINKS
Online Version: https://docs.microsoft.com/en-us/powers ... tylogalert
Enable-AzureRmActivityLogAlert
Disable-AzureRmActivityLogAlert
Get-AzureRmActivityLogAlert
Remove-AzureRmActivityLogAlert
New-AzureRmActionGroup
New-AzureRmActivityLogAlertCondition
SYNOPSIS
Creates a new or sets an existing activity log alert.
SYNTAX
Set-AzureRmActivityLogAlert -Action
<System.Collections.Generic.List`1[Microsoft.Azure.Management.Monitor.Management.Models.ActivityLogAlertActionGroup]> -Condition
<System.Collections.Generic.List`1[Microsoft.Azure.Management.Monitor.Management.Models.ActivityLogAlertLeafCondition]> [-DefaultProfile
<IAzureContextContainer>] [-Description <String>] [-DisableAlert] -Location <String> -Name <String> -ResourceGroupName <String> -Scope
<System.Collections.Generic.List`1[System.String]> [-Tag <System.Collections.Generic.Dictionary`2[System.String,System.String]>] [-Confirm]
[-WhatIf] [<CommonParameters>]
Set-AzureRmActivityLogAlert [-Action
<System.Collections.Generic.List`1[Microsoft.Azure.Management.Monitor.Management.Models.ActivityLogAlertActionGroup]>] [-Condition
<System.Collections.Generic.List`1[Microsoft.Azure.Management.Monitor.Management.Models.ActivityLogAlertLeafCondition]>] [-DefaultProfile
<IAzureContextContainer>] [-Description <String>] [-DisableAlert] [-Location <String>] -ResourceId <String> [-Scope
<System.Collections.Generic.List`1[System.String]>] [-Tag <System.Collections.Generic.Dictionary`2[System.String,System.String]>] [-Confirm]
[-WhatIf] [<CommonParameters>]
Set-AzureRmActivityLogAlert [-Action
<System.Collections.Generic.List`1[Microsoft.Azure.Management.Monitor.Management.Models.ActivityLogAlertActionGroup]>] [-Condition
<System.Collections.Generic.List`1[Microsoft.Azure.Management.Monitor.Management.Models.ActivityLogAlertLeafCondition]>] [-DefaultProfile
<IAzureContextContainer>] [-Description <String>] -InputObject <PSActivityLogAlertResource> [-Scope
<System.Collections.Generic.List`1[System.String]>] [-Tag <System.Collections.Generic.Dictionary`2[System.String,System.String]>] [-Confirm]
[-WhatIf] [<CommonParameters>]
DESCRIPTION
The Set-AzureRmActivityLogAlert cmdlet creates a new or sets an existing activity log alert. For tags, conditions, and actions the objects must be
created in advance and passed as parameters in this call as a comma separated (see the example below). This cmdlet implements the ShouldProcess
pattern, i.e. it might request confirmation from the user before actually creating/modifying the resource. NOTE : This cmdlet and its related ones
replaces the deprecated (November 2017) Add-AzureRmLogAlertRule .
PARAMETERS
-Action <System.Collections.Generic.List`1[Microsoft.Azure.Management.Monitor.Management.Models.ActivityLogAlertActionGroup]>
The list of action groups for the activity log alert.
Required? true
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-Condition <System.Collections.Generic.List`1[Microsoft.Azure.Management.Monitor.Management.Models.ActivityLogAlertLeafCondition]>
The list of conditions for the activity log alert. NOTE : In the list of conditions there must be at least one with the Field equal to
"Category". The backend responds with 400 (BadRequest) if this condition is not present.
Required? true
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-DefaultProfile <IAzureContextContainer>
The credentials, account, tenant, and subscription used for communication with azure
Required? false
Position? named
Default value None
Accept pipeline input? False
Accept wildcard characters? false
-Description <String>
The description of the alert resource.
Required? false
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-DisableAlert [<SwitchParameter>]
Allows the user to create a disabled the activity log alert. If not given, the alerts are created enabled.
Required? false
Position? named
Default value False
Accept pipeline input? False
Accept wildcard characters? false
-InputObject <PSActivityLogAlertResource>
Sets the InputObject tags property of the call to extract the required name, and resource group name properties.
Required? true
Position? named
Default value None
Accept pipeline input? True (ByValue)
Accept wildcard characters? false
-Location <String>
The location where the activity log alert will exist.
Required? true
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-Name <String>
The name of the activity log alert.
Required? true
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-ResourceGroupName <String>
The name of the resource group where the alert resource is going to exist.
Required? true
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-ResourceId <String>
Sets the ResourceId tags property of the call to extract the required name, resource group name properties.
Required? true
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-Scope <System.Collections.Generic.List`1[System.String]>
The list of scopes for the activity log alert.
Required? true
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-Tag <System.Collections.Generic.Dictionary`2[System.String,System.String]>
Sets the tags property of the activity log alert resource.
Required? false
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-Confirm [<SwitchParameter>]
Prompts you for confirmation before running the cmdlet.
Required? false
Position? named
Default value False
Accept pipeline input? False
Accept wildcard characters? false
-WhatIf [<SwitchParameter>]
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Required? false
Position? named
Default value False
Accept pipeline input? False
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (http://go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
None
This cmdlet does not accept any input.
OUTPUTS
Microsoft.Azure.Commands.Insights.OutputClasses.PSActivityLogAlertResource
NOTES
Example 1: Create an Activity Log Alert
PS C:\\>$location = 'Global'
PS C:\\>$alertName = 'myAlert'
PS C:\\>$resourceGroupName = 'theResourceGroupName'
PS C:\\>$condition1 = New-AzureRmActivityLogAlertCondition -Field 'field1' -Equals 'equals1'
PS C:\\>$condition2 = New-AzureRmActivityLogAlertCondition -Field 'field2' -Equals 'equals2'
PS C:\\>$dict = New-Object "System.Collections.Generic.Dictionary``2[System.String,System.String]"
PS C:\\>$dict.Add('key1', 'value1')
PS C:\\>$actionGrp1 = New-AzureRmActionGroup -ActionGroupId 'actiongr1' -WebhookProperties $dict
PS C:\\>Set-AzureRmActivityLogAlert -Location $location -Name $alertName -ResourceGroupName $resourceGroupName -Scope 'scope1','scope2' -Action
$actionGrp1 -Condition $condition1, $condition2
The first four commands create leaf condition and and action group. The final command creates an Activity Log Alert using the condition and the
action group.
Example 2: Create an Activity Log Alert disabled
PS C:\\>$location = 'Global'
PS C:\\>$alertName = 'myAlert'
PS C:\\>$resourceGroupName = 'theResourceGroupName'
PS C:\\>$condition1 = New-AzureRmActivityLogAlertCondition -Field 'field1' -Equals 'equals1'
PS C:\\>$condition2 = New-AzureRmActivityLogAlertCondition -Field 'field2' -Equals 'equals2'
PS C:\\>$dict = New-Object "System.Collections.Generic.Dictionary``2[System.String,System.String]"
PS C:\\>$dict.Add('key1', 'value1')
PS C:\\>$actionGrp1 = New-AzureRmActionGroup -ActionGroupId 'actiongr1' -WebhookProperties $dict
PS C:\\>Set-AzureRmActivityLogAlert -Location $location -Name $alertName -ResourceGroupName $resourceGroupName -Scope 'scope1','scope2' -Action
$actionGrp1 -Condition $condition1, $condition2 -DisableAlert
The first four commands create leaf condition and and action group. The final command creates an Activity Log Alert using the condition and the
action group, but it creates the alert disabled.
Example 3: Set an activity log alert based using a value from the pipe or the InputObject parameter
PS C:\\>Get-AzureRmActivityLogAlert -Name $alertName -ResourceGroupName $resourceGroupName | Set-AzureRmActivityLogAlert
PS C:\\>$alert = Get-AzureRmActivityLogAlert -Name $alertName -ResourceGroupName $resourceGroupName
PS C:\\>$alert.Description = 'Changing the description'
PS C:\\>$alert.Enabled = $false
PS C:\\>Set-AzureRmActivityLogAlert -InputObject $alert
The first command is similar to a nop, it sets the alert with the same values it already contained The rest of the commands retrieve the alert
rule, change the description and disable it, then use the InputObject parameter to persist those changes
Example 4: Set an activity log alert based using the ResourceId value from the pipe
PS C:\\>Find-AzureRmResource -ResourceGroupEquals "myResourceGroup" -ResourceNameEquals "myLogAlert" | Set-AzureRmActivityLogAlert -DisableAlert
If the given log alert rule exists this command disables it.
RELATED LINKS
Online Version: https://docs.microsoft.com/en-us/powers ... tylogalert
Enable-AzureRmActivityLogAlert
Disable-AzureRmActivityLogAlert
Get-AzureRmActivityLogAlert
Remove-AzureRmActivityLogAlert
New-AzureRmActionGroup
New-AzureRmActivityLogAlertCondition