The Microsoft Azure Activity Log Alerts API is a tool that allows users to create and manage alerts based on activity logs within their Azure environment. This API enables users to set up custom notifications for specific events or patterns of activity, helping them easily monitor and respond to important changes or issues within their cloud services.
swagger: '2.0'
info:
title: Microsoft Azure Azure Activity Log Alerts API
description: API for Azure Activity Log Alert rules CRUD operations.
version: 2023-01-01-preview
x-ms-code-generation-settings:
name: MonitorManagementClient
host: management.azure.com
schemes:
- https
consumes:
- application/json
produces:
- application/json
security:
- azure_auth:
- user_impersonation
securityDefinitions:
azure_auth:
type: oauth2
authorizationUrl: https://login.microsoftonline.com/common/oauth2/authorize
flow: implicit
description: Azure Active Directory OAuth2 Flow
scopes:
user_impersonation: impersonate your user account
paths:
? /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Insights/activityLogAlerts/{activityLogAlertName}
: put:
description: Create a new Activity Log Alert rule or update an existing one.
operationId: microsoftAzureActivitylogalertsCreateorupdate
x-ms-examples:
Create or update an Activity Log Alert rule:
$ref: ./examples/ActivityLogAlertRule_CreateOrUpdate.json
Create or update an Activity Log Alert rule with 'anyOf' condition:
$ref: >-
./examples/ActivityLogAlertRule_CreateOrUpdateRuleWithAnyOfCondition.json
Create or update an Activity Log Alert rule with 'containsAny':
$ref: >-
./examples/ActivityLogAlertRule_CreateOrUpdateRuleWithContainsAny.json
Create or update an Activity Log Alert rule for tenant level events:
$ref: >-
./examples/ActivityLogAlertRule_CreateOrUpdateTenantLevelServiceHealthRule.json
parameters:
- $ref: >-
../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter
- $ref: >-
../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter
- $ref: '#/parameters/ActivityLogAlertNameParameter'
- $ref: >-
../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter
- name: activityLogAlertRule
description: The Activity Log Alert rule to create or use for the update.
in: body
required: true
schema:
$ref: '#/definitions/ActivityLogAlertResource'
responses:
'200':
description: An existing Activity Log Alert rule was successfully updated.
schema:
$ref: '#/definitions/ActivityLogAlertResource'
'201':
description: A new Activity Log Alert rule was successfully created.
schema:
$ref: '#/definitions/ActivityLogAlertResource'
default:
description: >-
An error occurred and the Activity Log Alert rule could not be
created or updated.
schema:
$ref: '#/definitions/ErrorResponse'
summary: >-
Microsoft Azure Put Subscriptions Subscriptionid Resourcegroups Resourcegroupname Providers Microsoft Insights Activitylogalerts Activitylogalertname
tags:
- Subscriptions
get:
description: Get an Activity Log Alert rule.
operationId: microsoftAzureActivitylogalertsGet
x-ms-examples:
Get an Activity Log Alert rule:
$ref: ./examples/ActivityLogAlertRule_Get.json
parameters:
- $ref: >-
../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter
- $ref: >-
../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter
- $ref: '#/parameters/ActivityLogAlertNameParameter'
- $ref: >-
../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter
responses:
'200':
description: The request succeeded.
schema:
$ref: '#/definitions/ActivityLogAlertResource'
default:
description: >-
An error occurred and the Activity Log Alert rule could not be
retrieved.
schema:
$ref: '#/definitions/ErrorResponse'
summary: >-
Microsoft Azure Get Subscriptions Subscriptionid Resourcegroups Resourcegroupname Providers Microsoft Insights Activitylogalerts Activitylogalertname
tags:
- Subscriptions
delete:
description: Delete an Activity Log Alert rule.
operationId: microsoftAzureActivitylogalertsDelete
x-ms-examples:
Delete an Activity Log Alert rule:
$ref: ./examples/ActivityLogAlertRule_Delete.json
parameters:
- $ref: >-
../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter
- $ref: >-
../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter
- $ref: '#/parameters/ActivityLogAlertNameParameter'
- $ref: >-
../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter
responses:
'200':
description: The Activity Log Alert rule was successfully deleted.
'204':
description: >-
The Activity Log Alert rule does not exist. It may have already been
deleted.
default:
description: >-
An error occurred and the Activity Log Alert rule could not be
deleted.
schema:
$ref: '#/definitions/ErrorResponse'
summary: >-
Microsoft Azure Delete Subscriptions Subscriptionid Resourcegroups Resourcegroupname Providers Microsoft Insights Activitylogalerts Activitylogalertname
tags:
- Subscriptions
patch:
description: >-
Updates 'tags' and 'enabled' fields in an existing Alert rule. This
method is used to update the Alert rule tags, and to enable or disable
the Alert rule. To update other fields use CreateOrUpdate operation.
operationId: microsoftAzureActivitylogalertsUpdate
x-ms-examples:
Patch an Activity Log Alert rule:
$ref: ./examples/ActivityLogAlertRule_Update.json
parameters:
- $ref: >-
../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter
- $ref: >-
../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter
- $ref: '#/parameters/ActivityLogAlertNameParameter'
- $ref: >-
../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter
- name: activityLogAlertRulePatch
in: body
required: true
schema:
$ref: '#/definitions/AlertRulePatchObject'
description: Parameters supplied to the operation.
responses:
'200':
description: An existing Activity Log Alert rule was successfully updated.
schema:
$ref: '#/definitions/ActivityLogAlertResource'
default:
description: Error response describing why the operation failed.
schema:
$ref: '#/definitions/ErrorResponse'
summary: >-
Microsoft Azure Patch Subscriptions Subscriptionid Resourcegroups Resourcegroupname Providers Microsoft Insights Activitylogalerts Activitylogalertname
tags:
- Subscriptions
/subscriptions/{subscriptionId}/providers/Microsoft.Insights/activityLogAlerts:
get:
description: Get a list of all Activity Log Alert rules in a subscription.
operationId: microsoftAzureActivitylogalertsListbysubscriptionid
x-ms-examples:
Get list of all Activity Log Alert rules under a subscription:
$ref: ./examples/ActivityLogAlertRule_ListBySubscriptionId.json
x-ms-pageable:
nextLinkName: nextLink
parameters:
- $ref: >-
../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter
- $ref: >-
../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter
responses:
'200':
description: The request succeeded.
schema:
$ref: '#/definitions/AlertRuleList'
default:
description: >-
An error occurred and the list of Activity Log Alert rules could not
be retrieved.
schema:
$ref: '#/definitions/ErrorResponse'
summary: >-
Microsoft Azure Get Subscriptions Subscriptionid Providers Microsoft Insights Activitylogalerts
tags:
- Subscriptions
/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Insights/activityLogAlerts:
get:
description: Get a list of all Activity Log Alert rules in a resource group.
operationId: microsoftAzureActivitylogalertsListbyresourcegroup
x-ms-examples:
List activity log alerts:
$ref: ./examples/ActivityLogAlertRule_ListByResourceGroupName.json
x-ms-pageable:
nextLinkName: nextLink
parameters:
- $ref: >-
../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter
- $ref: >-
../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter
- $ref: >-
../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter
responses:
'200':
description: The request succeeded.
schema:
$ref: '#/definitions/AlertRuleList'
default:
description: >-
An error occurred and the list of Activity Log Alert rules could not
be retrieved.
schema:
$ref: '#/definitions/ErrorResponse'
summary: >-
Microsoft Azure Get Subscriptions Subscriptionid Resourcegroups Resourcegroupname Providers Microsoft Insights Activitylogalerts
tags:
- Subscriptions
definitions:
AzureResource:
description: An Azure resource object.
x-ms-azure-resource: true
type: object
properties:
id:
description: The resource Id.
type: string
readOnly: true
name:
description: The name of the resource.
type: string
readOnly: true
type:
description: The type of the resource.
type: string
readOnly: true
location:
description: >-
The location of the resource. Azure Activity Log Alert rules are
supported on Global, West Europe and North Europe regions.
type: string
default: global
x-ms-mutability:
- read
- create
tags:
description: The tags of the resource.
type: object
additionalProperties:
type: string
ActivityLogAlertResource:
type: object
description: An Activity Log Alert rule resource.
allOf:
- $ref: '#/definitions/AzureResource'
properties:
properties:
description: The Activity Log Alert rule properties of the resource.
x-ms-client-flatten: true
$ref: '#/definitions/AlertRuleProperties'
AlertRuleList:
type: object
description: A list of Activity Log Alert rules.
properties:
value:
description: The list of Activity Log Alert rules.
type: array
items:
$ref: '#/definitions/ActivityLogAlertResource'
x-ms-identifiers:
- id
nextLink:
description: Provides the link to retrieve the next set of elements.
type: string
AlertRuleProperties:
description: An Azure Activity Log Alert rule.
type: object
properties:
tenantScope:
description: >-
The tenant GUID. Must be provided for tenant-level and management
group events rules.
type: string
scopes:
description: >-
A list of resource IDs that will be used as prefixes. The alert will
only apply to Activity Log events with resource IDs that fall under
one of these prefixes. This list must include at least one item.
type: array
items:
type: string
condition:
description: The condition that will cause this alert to activate.
$ref: '#/definitions/AlertRuleAllOfCondition'
actions:
description: The actions that will activate when the condition is met.
$ref: '#/definitions/ActionList'
enabled:
description: >-
Indicates whether this Activity Log Alert rule is enabled. If an
Activity Log Alert rule is not enabled, then none of its actions will
be activated.
type: boolean
default: true
description:
description: A description of this Activity Log Alert rule.
type: string
required:
- condition
- actions
AlertRuleAllOfCondition:
description: >-
An Activity Log Alert rule condition that is met when all its member
conditions are met.
type: object
properties:
allOf:
description: The list of Activity Log Alert rule conditions.
type: array
items:
$ref: '#/definitions/AlertRuleAnyOfOrLeafCondition'
x-ms-identifiers: []
required:
- allOf
AlertRuleAnyOfOrLeafCondition:
description: >
An Activity Log Alert rule condition that is met when all its member
conditions are met.
Each condition can be of one of the following types:
__Important__: Each type has its unique subset of properties. Properties
from different types CANNOT exist in one condition.
* __Leaf Condition -__ must contain 'field' and either 'equals' or 'containsAny'.
_Please note, 'anyOf' should __not__ be set in a Leaf Condition._
* __AnyOf Condition -__ must contain __only__ 'anyOf' (which is an array of Leaf Conditions).
_Please note, 'field', 'equals' and 'containsAny' should __not__ be set in an AnyOf Condition._
type: object
allOf:
- $ref: '#/definitions/AlertRuleLeafCondition'
properties:
anyOf:
title: An Activity Log Alert rule 'anyOf' condition.
description: >-
An Activity Log Alert rule condition that is met when at least one of
its member leaf conditions are met.
type: array
items:
$ref: '#/definitions/AlertRuleLeafCondition'
x-ms-identifiers: []
AlertRuleLeafCondition:
description: >-
An Activity Log Alert rule condition that is met by comparing the field
and value of an Activity Log event.
This condition must contain 'field' and either 'equals' or 'containsAny'.
type: object
properties:
field:
description: >-
The name of the Activity Log event's field that this condition will
examine.
The possible values for this field are (case-insensitive):
'resourceId', 'category', 'caller', 'level', 'operationName',
'resourceGroup', 'resourceProvider', 'status', 'subStatus',
'resourceType', or anything beginning with 'properties'.
type: string
equals:
description: >-
The value of the event's field will be compared to this value
(case-insensitive) to determine if the condition is met.
type: string
containsAny:
description: >-
The value of the event's field will be compared to the values in this
array (case-insensitive) to determine if the condition is met.
type: array
items:
type: string
ActionList:
type: object
description: A list of Activity Log Alert rule actions.
properties:
actionGroups:
description: The list of the Action Groups.
type: array
items:
$ref: '#/definitions/ActionGroup'
x-ms-identifiers:
- actionGroupId
ActionGroup:
type: object
description: A pointer to an Azure Action Group.
properties:
actionGroupId:
description: The resource ID of the Action Group. This cannot be null or empty.
type: string
webhookProperties:
type: object
description: >-
the dictionary of custom properties to include with the post
operation. These data are appended to the webhook payload.
additionalProperties:
type: string
actionProperties:
type: object
additionalProperties:
type: string
description: >-
Predefined list of properties and configuration items for the action
group.
required:
- actionGroupId
AlertRulePatchObject:
type: object
description: An Activity Log Alert rule object for the body of patch operations.
properties:
tags:
type: object
description: The resource tags
additionalProperties:
type: string
properties:
x-ms-client-flatten: true
$ref: '#/definitions/AlertRulePatchProperties'
description: The activity log alert settings for an update operation.
AlertRulePatchProperties:
type: object
description: An Activity Log Alert rule properties for patch operations.
properties:
enabled:
description: >-
Indicates whether this Activity Log Alert rule is enabled. If an
Activity Log Alert rule is not enabled, then none of its actions will
be activated.
type: boolean
default: true
ErrorResponse:
description: The error response.
type: object
properties:
code:
description: The error code.
type: string
readOnly: true
message:
description: The error message indicating why the operation failed.
type: string
readOnly: true
parameters:
ActivityLogAlertNameParameter:
name: activityLogAlertName
in: path
required: true
type: string
pattern: ^[-\w\._\(\)]+$
description: The name of the Activity Log Alert rule.
x-ms-parameter-location: method
tags:
- name: Subscriptions