Skip to content

Commit 48d8257

Browse files
ttorblettorble
authored
Merge pull request #271553 from jlichwa/AKV-Alert-Near-Expiry
Add Certificate Near Expiry Alert guidelines
2 parents 0ce99f9 + 1db705e commit 48d8257

File tree

7 files changed

+44
-0
lines changed

7 files changed

+44
-0
lines changed

articles/key-vault/general/alert.md

Lines changed: 44 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -159,9 +159,53 @@ If you followed all of the preceding steps, you'll receive email alerts when you
159159
> [!div class="mx-imgBorder"]
160160
> ![Screenshot that highlights the information needed to configure an email alert.](../media/alert-20.png)
161161
162+
163+
### Example: Log query alert for near expiry certificates
164+
165+
You can set an alert to notify you about certificates which are about to expire.
166+
167+
1. Go to **Logs** and paste below query in query window
168+
169+
```json
170+
AzureDiagnostics
171+
| where OperationName =~ 'CertificateNearExpiryEventGridNotification'
172+
| extend CertExpire = unixtime_seconds_todatetime(eventGridEventProperties_data_EXP_d)
173+
| extend DaysTillExpire = datetime_diff("Day", now(), CertExpire)
174+
| project ResourceId, CertName = eventGridEventProperties_subject_s, DaysTillExpire, CertExpire
175+
176+
1. Select **New alert rule**
177+
178+
> [!div class="mx-imgBorder"]
179+
> ![Screenshot that shows query window with selected new alert rule.](../media/alert-21.png)
180+
181+
1. In **Condition** tab use following configuration:
182+
+ In **Measurement** set **Aggregation granularity** to **1 day**
183+
+ In **Split by dimensions** set **Resource ID column** to **ResourceId**.
184+
+ Set **CertName** and **DayTillExpire** as dimensions.
185+
+ In **Alert logic** set **Threshold value** to **0** and **Frequency of evaluation** to **1 day**.
186+
187+
> [!div class="mx-imgBorder"]
188+
> ![Screenshot that shows alert condition configuration.](../media/alert-22.png)
189+
190+
1. In **Actions** tab configure alert to send an email
191+
1. Select **create action group**
192+
> [!div class="mx-imgBorder"]
193+
> ![Screenshot that shows how to create action group.](../media/alert-23.png)
194+
1. Configure **Create action group**
195+
> [!div class="mx-imgBorder"]
196+
> ![Screenshot that shows how to configure action group.](../media/alert-24.png)
197+
1. Configure **Notifications** to send an email
198+
> [!div class="mx-imgBorder"]
199+
> ![Screenshot that shows how to configure notification.](../media/alert-25.png)
200+
1. Configure **Details** to trigger **Warning** alert
201+
> [!div class="mx-imgBorder"]
202+
> ![Screenshot that shows how to configure notification details.](../media/alert-26.png)
203+
1. Select **Review + create**
204+
162205
## Next steps
163206

164207
Use the tools that you set up in this article to actively monitor the health of your key vault:
165208

166209
- [Monitor Key Vault](monitor-key-vault.md)
167210
- [Monitoring Key Vault data reference](monitor-key-vault-reference.md)
211+
- [Create a log query alert for an Azure resource](../../azure-monitor//alerts/tutorial-log-alert.md)

articles/key-vault/media/alert-21.png

107 KB
Loading

articles/key-vault/media/alert-22.png

116 KB
Loading

articles/key-vault/media/alert-23.png

22.8 KB
Loading

articles/key-vault/media/alert-24.png

44.9 KB
Loading

articles/key-vault/media/alert-25.png

66.2 KB
Loading

articles/key-vault/media/alert-26.png

74.1 KB
Loading

0 commit comments

Comments
 (0)