Get list of "new alerts" for azure monitor

Time:07-20

I have KQL giving me counts of my alerts by severity. The only issue is that when the user closes them (i.e. updates the user response), no column in the alerts table is updated.

So here is the Azure triggered view: [image]

but the alerts table has nothing: [image]

This strikes me as a fairly normal ask

CodePudding user response:

I am making the assumption that you have a custom KQL query for Azure Resource Graph Explorer to identify Azure Monitor alerts.

Properties such as alertState and monitorCondition are not standalone columns, but are nested properties within the dynamically typed "properties" column. As this is querying Azure Resource Graph, the records are updated directly, rather than adding a new log (as it would be in Log Analytics).

Below is a query that extracts the two relevant properties.

alertsmanagementresources
| extend alertState = tostring(parse_json(properties.essentials.alertState))
| extend monitorCondition = tostring(parse_json(properties.essentials.monitorCondition))
| project name, alertState, monitorCondition

If you need help, please share your query and what information you are looking to query.

Alistair
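
Added example, not part of the original answer: the same extraction extended to the count-by-severity the question asks for, restricted to alerts still in the New state. It assumes severity is exposed as properties.essentials.severity and that an untouched alert carries alertState "New"; the output column names newAlerts and stillFiring are made up for this example.

```kusto
alertsmanagementresources
| where type =~ 'microsoft.alertsmanagement/alerts'
// Pull the nested values out of the dynamic "properties" column once
| extend essentials = properties.essentials
| extend alertState = tostring(essentials.alertState),
         monitorCondition = tostring(essentials.monitorCondition),
         severity = tostring(essentials.severity)
// Assumption: alerts nobody has acknowledged or closed have alertState "New"
| where alertState =~ 'New'
// One row per severity; stillFiring separates active alerts from resolved-but-unreviewed ones
| summarize newAlerts = count(),
            stillFiring = countif(monitorCondition =~ 'Fired')
            by severity
| order by severity asc
```

Because Resource Graph holds the current state of each alert record, changing the user response on an alert moves it out of this result on the next run.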