azurermLogAnalyticsQueryPackQuery
Manages a Log Analytics Query Pack Query.
Example Usage
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as azurerm from "./.gen/providers/azurerm";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: azurerm.
For a more precise conversion please use the --provider flag in convert.*/
const azurermResourceGroupExample = new azurerm.resourceGroup.ResourceGroup(
this,
"example",
{
location: "West Europe",
name: "example-resources",
}
);
const azurermLogAnalyticsQueryPackExample =
new azurerm.logAnalyticsQueryPack.LogAnalyticsQueryPack(this, "example_1", {
location: azurermResourceGroupExample.location,
name: "example-laqp",
resource_group_name: azurermResourceGroupExample.name,
});
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermLogAnalyticsQueryPackExample.overrideLogicalId("example");
const azurermLogAnalyticsQueryPackQueryExample =
new azurerm.logAnalyticsQueryPackQuery.LogAnalyticsQueryPackQuery(
this,
"example_2",
{
body: "let newExceptionsTimeRange = 1d;\nlet timeRangeToCheckBefore = 7d;\nexceptions\n| where timestamp < ago(timeRangeToCheckBefore)\n| summarize count() by problemId\n| join kind= rightanti (\nexceptions\n| where timestamp >= ago(newExceptionsTimeRange)\n| extend stack = tostring(details[0].rawStack)\n| summarize count(), dcount(user_AuthenticatedId), min(timestamp), max(timestamp), any(stack) by problemId \n) on problemId \n| order by count_ desc\n",
display_name: "Exceptions - New in the last 24 hours",
name: "19952bc3-0bf9-49eb-b713-6b80e7a41847",
query_pack_id: azurermLogAnalyticsQueryPackExample.id,
}
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermLogAnalyticsQueryPackQueryExample.overrideLogicalId("example");
Arguments Reference
The following arguments are supported:
-
queryPackId- (Required) The ID of the Log Analytics Query Pack. Changing this forces a new resource to be created. -
body- (Required) The body of the Log Analytics Query Pack Query. -
displayName- (Required) The unique display name for the query within the Log Analytics Query Pack. -
name- (Optional) An unique UUID/GUID which identifies this Log Analytics Query Pack Query - one will be generated if not specified. Changing this forces a new resource to be created. -
description- (Optional) The description of the Log Analytics Query Pack Query. -
categories- (Optional) A list of the related categories for the function. Possible values areapplications,audit,container,databases,desktopanalytics,management,monitor,network,resources,security,virtualmachines,windowsvirtualdesktopandworkloads. -
additionalSettingsJson- (Optional) The additional properties that can be set for the Log Analytics Query Pack Query. -
resourceTypes- (Optional) A list of the related resource types for the function. Possible values aredefault,microsoftAad/domainservices,microsoftAadiam/tenants,microsoftAgfoodplatform/farmbeats,microsoftAnalysisservices/servers,microsoftApimanagement/service,microsoftAppconfiguration/configurationstores,microsoftAppplatform/spring,microsoftAttestation/attestationproviders,microsoftAuthorization/tenants,microsoftAutomation/automationaccounts,microsoftAutonomousdevelopmentplatform/accounts,microsoftAzurestackhci/virtualmachines,microsoftBatch/batchaccounts,microsoftBlockchain/blockchainmembers,microsoftBotservice/botservices,microsoftCache/redis,microsoftCdn/profiles,microsoftCognitiveservices/accounts,microsoftCommunication/communicationservices,microsoftCompute/virtualmachines,microsoftCompute/virtualmachinescalesets,microsoftConnectedcache/cachenodes,microsoftConnectedvehicle/platformaccounts,microsoftConenctedvmwarevsphere/virtualmachines,microsoftContainerregistry/registries,microsoftContainerservice/managedclusters,microsoftD365Customerinsights/instances,microsoftDashboard/grafana,microsoftDatabricks/workspaces,microsoftDatacollaboration/workspaces,microsoftDatafactory/factories,microsoftDatalakeanalytics/accounts,microsoftDatalakestore/accounts,microsoftDatashare/accounts,microsoftDbformariadb/servers,microsoftDbformysql/servers,microsoftDbforpostgresql/flexibleservers,microsoftDbforpostgresql/servers,microsoftDbforpostgresql/serversv2,microsoftDigitaltwins/digitaltwinsinstances,microsoftDocumentdb/cassandraclusters,microsoftDocumentdb/databaseaccounts,microsoftDesktopvirtualization/applicationgroups,microsoftDesktopvirtualization/hostpools,microsoftDesktopvirtualization/workspaces,microsoftDevices/iothubs,microsoftDevices/provisioningservices,microsoftDynamics/fraudprotection/purchase,microsoftEventgrid/domains,microsoftEventgrid/topics,microsoftEventgrid/partnernamespaces,microsoftEventgrid/partnertopics,microsoftEventgrid/systemtopics,microsoftEventhub/namespaces,microsoftExperimentation/experimentworkspaces,microsoftHdinsight/clusters,microsoftHealthcareapis/services,microsoftInformationprotection/datasecuritymanagement,microsoftIntune/operations,microsoftInsights/autoscalesettings,microsoftInsights/components,microsoftInsights/workloadmonitoring,microsoftKeyvault/vaults,microsoftKubernetes/connectedclusters,microsoftKusto/clusters,microsoftLoadtestservice/loadtests,microsoftLogic/workflows,microsoftMachinelearningservices/workspaces,microsoftMedia/mediaservices,microsoftNetapp/netappaccounts/capacitypools,microsoftNetwork/applicationgateways,microsoftNetwork/azurefirewalls,microsoftNetwork/bastionhosts,microsoftNetwork/expressroutecircuits,microsoftNetwork/frontdoors,microsoftNetwork/loadbalancers,microsoftNetwork/networkinterfaces,microsoftNetwork/networksecuritygroups,microsoftNetwork/networksecurityperimeters,microsoftNetwork/networkwatchers/connectionmonitors,microsoftNetwork/networkwatchers/trafficanalytics,microsoftNetwork/publicipaddresses,microsoftNetwork/trafficmanagerprofiles,microsoftNetwork/virtualnetworks,microsoftNetwork/virtualnetworkgateways,microsoftNetwork/vpngateways,microsoftNetworkfunction/azuretrafficcollectors,microsoftOpenenergyplatform/energyservices,microsoftOpenlogisticsplatform/workspaces,microsoftOperationalinsights/workspaces,microsoftPowerbi/tenants,microsoftPowerbi/tenants/workspaces,microsoftPowerbidedicated/capacities,microsoftPurview/accounts,microsoftRecoveryservices/vaults,microsoftResources/azureactivity,microsoftScvmm/virtualmachines,microsoftSearch/searchservices,microsoftSecurity/antimalwaresettings,microsoftSecurityinsights/amazon,microsoftSecurityinsights/anomalies,microsoftSecurityinsights/cef,microsoftSecurityinsights/datacollection,microsoftSecurityinsights/dnsnormalized,microsoftSecurityinsights/mda,microsoftSecurityinsights/mde,microsoftSecurityinsights/mdi,microsoftSecurityinsights/mdo,microsoftSecurityinsights/networksessionnormalized,microsoftSecurityinsights/office365,microsoftSecurityinsights/purview,microsoftSecurityinsights/securityinsights,microsoftSecurityinsights/securityinsights/mcas,microsoftSecurityinsights/tvm,microsoftSecurityinsights/watchlists,microsoftServicebus/namespaces,microsoftServicefabric/clusters,microsoftSignalrservice/signalr,microsoftSignalrservice/webpubsub,microsoftSql/managedinstances,microsoftSql/servers,microsoftSql/servers/databases,microsoftStorage/storageaccounts,microsoftStoragecache/caches,microsoftStreamanalytics/streamingjobs,microsoftSynapse/workspaces,microsoftTimeseriesinsights/environments,microsoftVideoindexer/accounts,microsoftWeb/sites,microsoftWorkloadmonitor/monitors,resourcegroupandsubscription. -
solutions- (Optional) A list of the related Log Analytics solutions for the function. Possible values areaadDomainServices,adAssessment,adAssessmentPlus,adReplication,adSecurityAssessment,alertManagement,antiMalware,applicationInsights,azureAssessment,azureSecurityOfThings,azureSentinelDsre,azureSentinelPrivatePreview,behaviorAnalyticsInsights,changeTracking,compatibilityAssessment,containerInsights,containers,customizedWindowsEventsFiltering,deviceHealthProd,dnsAnalytics,exchangeAssessment,exchangeOnlineAssessment,iisAssessmentPlus,infrastructureInsights,internalWindowsEvent,logManagement,microsoft365Analytics,networkMonitoring,sccmAssessmentPlus,scomAssessment,scomAssessmentPlus,security,securityCenter,securityCenterFree,securityInsights,serviceMap,sfBAssessment,sfBOnlineAssessment,sharePointOnlineAssessment,spAssessment,sqlAdvancedThreatProtection,sqlAssessment,sqlAssessmentPlus,sqlDataClassification,sqlThreatDetection,sqlVulnerabilityAssessment,surfaceHub,updates,vmInsights,wefInternalUat,wef10X,wef10XDsre,waaSUpdateInsights,winLog,windowsClientAssessmentPlus,windowsEventForwarding,windowsFirewall,windowsServerAssessment,wireDataandwireData2. -
tags- (Optional) A mapping of tags which should be assigned to the Log Analytics Query Pack Query.
Attributes Reference
In addition to the Arguments listed above - the following Attributes are exported:
id- The ID of the Log Analytics Query Pack Query.
Timeouts
The timeouts block allows you to specify timeouts for certain actions:
create- (Defaults to 30 minutes) Used when creating the Log Analytics Query Pack Query.read- (Defaults to 5 minutes) Used when retrieving the Log Analytics Query Pack Query.update- (Defaults to 30 minutes) Used when updating the Log Analytics Query Pack Query.delete- (Defaults to 30 minutes) Used when deleting the Log Analytics Query Pack Query.
Import
Log Analytics Query Pack Queries can be imported using the resourceId, e.g.