[英]How to retrieve a “Log Search” alert rule using the Azure API
I have created a "Log Search" alert rule using the Azure Portal, and I want to retrieve its configuration so that I can automate its creation. 我已经使用Azure门户创建了“日志搜索”警报规则,并且想要检索其配置,以便可以自动创建它。 I've done that for other alert rules without issues. 对于其他没有问题的警报规则,我已经这样做了。
The problem is that I could not find which API to call to retrieve the rule . 问题是我找不到要调用哪个API来检索规则 。 I would expect to find it when calling https://management.azure.com/subscriptions/{subscriptionId}/providers/microsoft.insights/scheduledQueryRules
, but that returns an empty list. 我希望在调用https://management.azure.com/subscriptions/{subscriptionId}/providers/microsoft.insights/scheduledQueryRules
时找到它,但是返回一个空列表。 (I've triple checked that the subscriptionId
is correct) (我已经三遍检查了subscriptionId
是否正确)
I can see the rule in the Azure Portal, and also if I list the resources from the containing resource group: 我可以在Azure门户中看到该规则,也可以从包含的资源组中列出资源:
GET https://management.azure.com/subscriptions/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX/resourceGroups/dev-shared/resources?api-version=2018-05-01
{
"value": [
{
"id": "/subscriptions/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX/resourceGroups/dev-shared/providers/Microsoft.Insights/actiongroups/Development",
"name": "Development",
"type": "Microsoft.Insights/actiongroups",
"location": "global"
},
// This is the alert rule that I am looking for:
{
"id": "/subscriptions/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX/resourceGroups/dev-shared/providers/microsoft.insights/scheduledqueryrules/dev-thelistlogs|7719d32a-4617-46bf-91e8-3f6977076d52|139d8419-a218-4774-b9a5-7c513f87384d|6fa515f3-b78e-4087-9621-ed5a14e62903",
"name": "dev-thelistlogs|7719d32a-4617-46bf-91e8-3f6977076d52|139d8419-a218-4774-b9a5-7c513f87384d|6fa515f3-b78e-4087-9621-ed5a14e62903",
"type": "microsoft.insights/scheduledqueryrules",
"location": "westeurope",
"tags": {
"hidden-link:/subscriptions/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX/resourceGroups/dev-shared/providers/Microsoft.OperationalInsights/workspaces/dev-thelistlogs": "Resource"
}
},
{
"id": "/subscriptions/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX/resourceGroups/dev-shared/providers/Microsoft.OperationalInsights/workspaces/dev-thelistlogs",
"name": "dev-thelistlogs",
"type": "Microsoft.OperationalInsights/workspaces",
"location": "westeurope"
}
]
}
I am also unable to find the rule in the Azure Resource Explorer. 我也无法在Azure资源浏览器中找到规则。
I've been running in circles trying every API remotely related with alerts, log analytics, metric, etc..., all without success. 我一直在尝试各种与警报,日志分析,指标等远程相关的API,但都没有成功。
How can I retrieve the details of this rule using the Azure API ? 如何使用Azure API检索此规则的详细信息?
As can be seen on my answer, I found a way to retrieve the details. 从我的答案可以看出,我找到了一种检索详细信息的方法。 Still I'd like to know why is the scheduledQueryRules list api not returning that rule ? 还是我想知道为什么ScheduledQueryRules列表api不返回该规则?
After being able to retrieve the rule details I went ahead and created a new rule similar to that one using a resource manager template. 在能够检索规则详细信息之后,我继续使用资源管理器模板创建了一个类似于该规则的新规则。 It turns out that this new rule is returned by the APIs, but the original one is still missing. 事实证明,API会返回此新规则,但原始规则仍然缺失。
I found a way, by first listing the resources in the resource group, figuring out the name of the alert rule, then retrieving the detail of that rule using GET https://management.azure.com/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/microsoft.insights/scheduledQueryRules/{ruleName}
: 我找到了一种方法,首先列出资源组中的资源,弄清楚警报规则的名称,然后使用GET https://management.azure.com/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/microsoft.insights/scheduledQueryRules/{ruleName}
检索该规则的详细信息GET https://management.azure.com/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/microsoft.insights/scheduledQueryRules/{ruleName}
:
GET https://management.azure.com/subscriptions/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX/resourcegroups/dev-shared/providers/microsoft.insights/scheduledQueryRules/dev-thelistlogs|7719d32a-4617-46bf-91e8-3f6977076d52|139d8419-a218-4774-b9a5-7c513f87384d|6fa515f3-b78e-4087-9621-ed5a14e62903
{
"id": "/subscriptions/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX/resourceGroups/dev-shared/providers/microsoft.insights/scheduledqueryrules/dev-thelistlogs|7719d32a-4617-46bf-91e8-3f6977076d52|139d8419-a218-4774-b9a5-7c513f87384d|6fa515f3-b78e-4087-9621-ed5a14e62903",
"name": "dev-thelistlogs|7719d32a-4617-46bf-91e8-3f6977076d52|139d8419-a218-4774-b9a5-7c513f87384d|6fa515f3-b78e-4087-9621-ed5a14e62903",
"type": "microsoft.insights/scheduledqueryrules",
"location": "westeurope",
"tags": {
"hidden-link:/subscriptions/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX/resourceGroups/dev-shared/providers/Microsoft.OperationalInsights/workspaces/dev-thelistlogs": "Resource"
},
"kind": null,
"etag": "\"dc011985-0000-0000-0000-5c8641250000\"",
"properties": {
"description": "temp2",
"displayName": "temp2",
"enabled": "true",
"lastUpdatedTime": "2019-03-11T11:06:13.5080064Z",
"provisioningState": "Succeeded",
"source": {
"query": "<omitted>",
"dataSourceId": "/subscriptions/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX/resourceGroups/dev-shared/providers/Microsoft.OperationalInsights/workspaces/dev-thelistlogs",
"queryType": "ResultCount"
},
"schedule": {
"frequencyInMinutes": 5,
"timeWindowInMinutes": 5
},
"action": {
"severity": "1",
"aznsAction": {
"actionGroup": [
"/subscriptions/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX/resourcegroups/dev-shared/providers/microsoft.insights/actiongroups/development"
],
"emailSubject": null,
"customWebhookPayload": "{ \"alertname\":\"#alertrulename\", \"IncludeSearchResults\":true }"
},
"trigger": {
"thresholdOperator": "GreaterThan",
"threshold": 0
},
"odata.type": "Microsoft.WindowsAzure.Management.Monitoring.Alerts.Models.Microsoft.AppInsights.Nexus.DataContracts.Resources.ScheduledQueryRules.AlertingAction"
}
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.