azurermMonitorScheduledQueryRulesAlertV2
Manages an AlertingAction Scheduled Query Rules Version 2 resource within Azure Monitor
Example Usage
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as azurerm from "./.gen/providers/azurerm";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: azurerm.
For a more precise conversion please use the --provider flag in convert.*/
const azurermResourceGroupExample = new azurerm.resourceGroup.ResourceGroup(
this,
"example",
{
location: "West Europe",
name: "example-resources",
}
);
const azurermApplicationInsightsExample =
new azurerm.applicationInsights.ApplicationInsights(this, "example_1", {
application_type: "web",
location: azurermResourceGroupExample.location,
name: "example-ai",
resource_group_name: azurermResourceGroupExample.name,
});
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermApplicationInsightsExample.overrideLogicalId("example");
const azurermMonitorActionGroupExample =
new azurerm.monitorActionGroup.MonitorActionGroup(this, "example_2", {
name: "example-mag",
resource_group_name: azurermResourceGroupExample.name,
short_name: "test mag",
});
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermMonitorActionGroupExample.overrideLogicalId("example");
const azurermMonitorScheduledQueryRulesAlertV2Example =
new azurerm.monitorScheduledQueryRulesAlertV2.MonitorScheduledQueryRulesAlertV2(
this,
"example_3",
{
action: [
{
action_groups: [azurermMonitorActionGroupExample.id],
custom_properties: [
{
key: "value",
key2: "value2",
},
],
},
],
auto_mitigation_enabled: true,
criteria: [
{
dimension: [
{
name: "client_CountryOrRegion",
operator: "Exclude",
values: ["123"],
},
],
failing_periods: [
{
minimum_failing_periods_to_trigger_alert: 1,
number_of_evaluation_periods: 1,
},
],
metric_measure_column: "CountByCountry",
operator: "LessThan",
query:
"requests\n | summarize CountByCountry=count() by client_CountryOrRegion\n",
resource_id_column: "client_CountryOrRegion",
threshold: 17.5,
time_aggregation_method: "Maximum",
},
],
description: "example sqr",
display_name: "example-sqr",
enabled: true,
evaluation_frequency: "PT10M",
location: azurermResourceGroupExample.location,
name: "example-msqrv2",
query_time_range_override: "PT1H",
resource_group_name: azurermResourceGroupExample.name,
scopes: [azurermApplicationInsightsExample.id],
severity: 4,
skip_query_validation: true,
tags: {
key: "value",
key2: "value2",
},
window_duration: "PT10M",
workspace_alerts_storage_enabled: false,
}
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermMonitorScheduledQueryRulesAlertV2Example.overrideLogicalId("example");
Arguments Reference
The following arguments are supported:
-
name- (Required) Specifies the name which should be used for this Monitor Scheduled Query Rule. Changing this forces a new resource to be created. -
resourceGroupName- (Required) Specifies the name of the Resource Group where the Monitor Scheduled Query Rule should exist. Changing this forces a new resource to be created. -
location- (Required) Specifies the Azure Region where the Monitor Scheduled Query Rule should exist. Changing this forces a new resource to be created. -
criteria- (Required) Acriteriablock as defined below. -
evaluationFrequency- (Optional) How often the scheduled query rule is evaluated, represented in ISO 8601 duration format. Possible values arept1M,pt5M,pt10M,pt15M,pt30M,pt45M,pt1H,pt2H,pt3H,pt4H,pt5H,pt6H,p1D.
-> Note evaluationFrequency cannot be greater than the query look back which is windowDuration*numberOfEvaluationPeriods.
-> Note evaluationFrequency cannot be greater than the muteActionsAfterAlertDuration.
-
scopes- (Required) Specifies the list of resource IDs that this scheduled query rule is scoped to. Changing this forces a new resource to be created. Currently, the API supports exactly 1 resource ID in the scopes list. -
severity- (Required) Severity of the alert. Should be an integer between 0 and 4. Value of 0 is severest. -
windowDuration- (Required) Specifies the period of time in ISO 8601 duration format on which the Scheduled Query Rule will be executed (bin size). IfevaluationFrequencyispt1M, possible values arept1M,pt5M,pt10M,pt15M,pt30M,pt45M,pt1H,pt2H,pt3H,pt4H,pt5H, andpt6H. Otherwise, possible values arept5M,pt10M,pt15M,pt30M,pt45M,pt1H,pt2H,pt3H,pt4H,pt5H,pt6H,p1D, andp2D. -
action- (Optional) Anactionblock as defined below. -
autoMitigationEnabled- (Optional) Specifies the flag that indicates whether the alert should be automatically resolved or not. Value should betrueorfalse. The default isfalse. -
workspaceAlertsStorageEnabled- (Optional) Specifies the flag which indicates whether this scheduled query rule check if storage is configured. Value should betrueorfalse. The default isfalse. -
description- (Optional) Specifies the description of the scheduled query rule. -
displayName- (Optional) Specifies the display name of the alert rule. -
enabled- (Optional) Specifies the flag which indicates whether this scheduled query rule is enabled. Value should betrueorfalse. The default istrue. -
muteActionsAfterAlertDuration- (Optional) Mute actions for the chosen period of time in ISO 8601 duration format after the alert is fired. Possible values arept5M,pt10M,pt15M,pt30M,pt45M,pt1H,pt2H,pt3H,pt4H,pt5H,pt6H,p1Dandp2D.
-> NOTE autoMitigationEnabled and muteActionsAfterAlertDuration are mutually exclusive and cannot both be set.
queryTimeRangeOverride- (Optional) Set this if the alert evaluation period is different from the query time range. If not specified, the value iswindowDuration*numberOfEvaluationPeriods. Possible values arept5M,pt10M,pt15M,pt20M,pt30M,pt45M,pt1H,pt2H,pt3H,pt4H,pt5H,pt6H,p1Dandp2D.
-> Note queryTimeRangeOverride cannot be less than the query look back which is windowDuration*numberOfEvaluationPeriods.
-
skipQueryValidation- (Optional) Specifies the flag which indicates whether the provided query should be validated or not. The default is false. -
tags- (Optional) A mapping of tags which should be assigned to the Monitor Scheduled Query Rule. -
targetResourceTypes- (Optional) List of resource type of the target resource(s) on which the alert is created/updated. For example if the scope is a resource group and targetResourceTypes ismicrosoftCompute/virtualMachines, then a different alert will be fired for each virtual machine in the resource group which meet the alert criteria.
An action block supports the following:
-
actionGroups- (Optional) List of Action Group resource IDs to invoke when the alert fires. -
customProperties- (Optional) Specifies the properties of an alert payload.
A criteria block supports the following:
-
operator- (Required) Specifies the criteria operator. Possible values areequal,greaterThan,greaterThanOrEqual,lessThan,andlessThanOrEqual. -
query- (Required) The query to run on logs. The results returned by this query are used to populate the alert. -
threshold- (Required) Specifies the criteria threshold value that activates the alert. -
timeAggregationMethod- (Required) The type of aggregation to apply to the data points in aggregation granularity. Possible values areaverage,count,maximum,minimum,andtotal. -
dimension- (Optional) Adimensionblock as defined below. -
failingPeriods- (Optional) AfailingPeriodsblock as defined below. -
metricMeasureColumn- (Optional) Specifies the column containing the metric measure number. -
resourceIdColumn- (Optional) Specifies the column containing the resource ID. The content of the column must be an uri formatted as resource ID.
A dimension block supports the following:
-
name- (Required) Name of the dimension. -
operator- (Required) Operator for dimension values. Possible values areexclude,andinclude. -
values- (Required) List of dimension values. Use a wildcard*to collect all.
A failingPeriods block supports the following:
-
minimumFailingPeriodsToTriggerAlert- (Required) Specifies the number of violations to trigger an alert. Should be smaller or equal tonumberOfEvaluationPeriods. Possible value is integer between 1 and 6. -
numberOfEvaluationPeriods- (Required) Specifies the number of aggregated look-back points. The look-back time window is calculated based on the aggregation granularitywindowDurationand the selected number of aggregated points. Possible value is integer between 1 and 6.
-> Note The query look back which is windowDuration*numberOfEvaluationPeriods cannot exceed 48 hours.
-> Note numberOfEvaluationPeriods must be 1 for queries that do not project timestamp column
Attributes Reference
The following Attributes are exported:
-
id- The ID of the Monitor Scheduled Query Rule. -
createdWithApiVersion- The api-version used when creating this alert rule. -
isALegacyLogAnalyticsRule- True if this alert rule is a legacy Log Analytic Rule. -
isWorkspaceAlertsStorageConfigured- The flag indicates whether this Scheduled Query Rule has been configured to be stored in the customer's storage.
Timeouts
The timeouts block allows you to specify timeouts for certain actions:
create- (Defaults to 30 minutes) Used when creating the Monitor Scheduled Query Rule.read- (Defaults to 5 minutes) Used when retrieving the Monitor Scheduled Query Rule.update- (Defaults to 30 minutes) Used when updating the Monitor Scheduled Query Rule.delete- (Defaults to 30 minutes) Used when deleting the Monitor Scheduled Query Rule.
Import
Monitor Scheduled Query Rule Alert can be imported using the resourceId, e.g.