Merge pull request #215552 from AbbyMSFT/log-alert-ps

Adding new powershell commands for log alerts

Author: PMEds28

articles/azure-monitor/alerts/alerts-create-new-alert-rule.md

@@ -282,6 +282,7 @@ You can create a new alert rule using the [Azure CLI](/cli/azure/get-started-wit
     ### [Log alert](#tab/log)
 
     To create a log alert rule that monitors count of system event errors:
+
     ```azurecli
     az monitor scheduled-query create -g {ResourceGroup} -n {nameofthealert} --scopes {vm_id} --condition "count \'union Event, Syslog | where TimeGenerated > a(1h) | where EventLevelName == \"Error\" or SeverityLevel== \"err\"\' > 2" --description {descriptionofthealert}
     ```
@@ -299,10 +300,10 @@ You can create a new alert rule using the [Azure CLI](/cli/azure/get-started-wit
      - [az monitor activity-log alert action-group](/cli/azure/monitor/activity-log/alert/action-group): Add an action group to the activity log alert rule.
 
     ---
-
 ## Create a new alert rule using PowerShell
 
 - To create a metric alert rule using PowerShell, use this cmdlet: [Add-AzMetricAlertRuleV2](/powershell/module/az.monitor/add-azmetricalertrulev2)
+- To create a log alert rule using PowerShell, use this cmdlet: [New-AzScheduledQueryRule](/powershell/module/az.monitor/new-azscheduledqueryrule)
 - To create an  activity log alert rule using PowerShell, use this cmdlet: [Set-AzActivityLogAlert](/powershell/module/az.monitor/set-azactivitylogalert)
 
 ## Create an activity log alert rule from the Activity log pane
@@ -450,7 +451,7 @@ The *sampleActivityLogAlert.parameters.json* file contains the values provided f
 
 ## Changes to log alert rule creation experience
 
-If you're creating a new log alert rule, please note that current alert rule wizard is a little different from the earlier experience:
+If you're creating a new log alert rule, note that current alert rule wizard is a little different from the earlier experience:
 
 - Previously, search results were included in the payload of the triggered alert and its associated notifications. The email included only 10 rows from the unfiltered results while the webhook payload contained 1000 unfiltered results. To get detailed context information about the alert so that you can decide on the appropriate action:
     - We recommend using [Dimensions](alerts-types.md#narrow-the-target-using-dimensions). Dimensions provide the column value that fired the alert, giving you context for why the alert fired and how to fix the issue.

articles/azure-monitor/alerts/alerts-manage-alert-rules.md

@@ -49,45 +49,20 @@ To enable recommended alert rules:
 
 ## Manage metric alert rules with the Azure CLI
 
-This section describes how to do manage metric alert rules using the cross-platform [Azure CLI](/cli/azure/get-started-with-azure-cli). The following examples use [Azure Cloud Shell](../../cloud-shell/overview.md). 
+This section describes how to manage metric alert rules using the cross-platform [Azure CLI](/cli/azure/get-started-with-azure-cli). The following examples use [Azure Cloud Shell](../../cloud-shell/overview.md). 
 
 1. In the [portal](https://portal.azure.com/), select **Cloud Shell**.
-
-You can use commands with ``--help`` option to learn more about the command and how to use it. For example, the following command shows you the list of commands available for creating, viewing, and managing metric alerts.
-
-```azurecli
-az monitor metrics alert --help
-```
-
-### View all the metric alerts in a resource group
-
-```azurecli
-az monitor metrics alert list  -g {ResourceGroup}
-```
-
-### See the details of a particular metric alert rule
-
-Use the name or the resource ID of the rule in the following commands:
-
-```azurecli
-az monitor metrics alert show -g {ResourceGroup} -n {AlertRuleName}
-```
-
-```azurecli
-az monitor metrics alert show --ids {RuleResourceId}
-```
-
-### Disable a metric alert rule
-
-```azurecli
-az monitor metrics alert update -g {ResourceGroup} -n {AlertRuleName} --enabled false
-```
-
-### Delete a metric alert rule
-
-```azurecli
-az monitor metrics alert delete -g {ResourceGroup} -n {AlertRuleName}
-```
+1. Use these options of the `az monitor metrics alert` CLI command in this table:
+
+    
+    |What you want to do|CLI command  |
+    |---------|---------|
+    |View all the metric alerts in a resource group|`az monitor metrics alert list -g {ResourceGroup}`|
+    |See the details of a metric alert rule|`az monitor metrics alert show -g {ResourceGroup} -n {AlertRuleName}`|
+    |     |`az monitor metrics alert show --ids {RuleResourceId}`|
+    |Disable a metric alert rule|`az monitor metrics alert update -g {ResourceGroup} -n {AlertRuleName} --enabled false`|
+    |Delete a metric alert rule|`az monitor metrics alert delete -g {ResourceGroup} -n {AlertRuleName}`|
+    |Learn more about the command|`az monitor metrics alert --help`|
 
 ## Manage metric alert rules with PowerShell
 
@@ -115,41 +90,17 @@ This section describes how to manage log alerts using the cross-platform [Azure
 
 
 1. In the [portal](https://portal.azure.com/), select **Cloud Shell**.
-
-You can use commands with ``--help`` option to learn more about the command and how to use it. For example, the following command shows you the list of commands available for creating, viewing, and managing log alerts.
-
-```azurecli
-az monitor scheduled-query --help
-```
-
-### View all the log alert rules in a resource group
-
-```azurecli
-az monitor scheduled-query list -g {ResourceGroup}
-```
-
-### See the details of a log alert rule
-
-Use the name or the resource ID of the rule in the following command:
-
-```azurecli
-az monitor scheduled-query show -g {ResourceGroup} -n {AlertRuleName}
-```
-```azurecli
-az monitor scheduled-query show --ids {RuleResourceId}
-```
-
-### Disable a log alert rule
-
-```azurecli
-az monitor scheduled-query update -g {ResourceGroup} -n {AlertRuleName} --disabled true
-```
-
-### Delete a log alert rule
-
-```azurecli
-az monitor scheduled-query delete -g {ResourceGroup} -n {AlertRuleName}
-```
+1. Use these options of the `az monitor scheduled-query alert` CLI command in this table:
+
+    
+    |What you want to do|CLI command  |
+    |---------|---------|
+    |View all the log alert rules in a resource group|`az monitor scheduled-query list -g {ResourceGroup}`|
+    |See the details of a log alert rule|`az monitor scheduled-query show -g {ResourceGroup} -n {AlertRuleName}`|
+    |     |`az monitor scheduled-query show --ids {RuleResourceId}`|
+    |Disable a log alert rule|`az monitor scheduled-query update -g {ResourceGroup} -n {AlertRuleName} --disabled true`|
+    |Delete a log alert rule|`az monitor scheduled-query delete -g {ResourceGroup} -n {AlertRuleName}`|
+    |Learn more about the command|`az monitor scheduled-query --help`|
 
 ### Manage log alert rules using the Azure Resource Manager CLI with [templates](./alerts-log-create-templates.md)
 
@@ -164,6 +115,10 @@ az deployment group create \
 
 A 201 response is returned on successful creation. 200 is returned on successful updates.
 
+## Manage log alert rules with PowerShell
+
+Log alert rules have this dedicated PowerShell cmdlet:
+- [New-AzScheduledQueryRule](/powershell/module/az.monitor/new-azscheduledqueryrule): Creates a new log alert rule or updates an existing log alert rule.
 ## Manage activity log alert rules using PowerShell
 
 Activity log alerts have these dedicated PowerShell cmdlets: