Skip to content

Commit 978ff50

Browse files
jlichwajlichwa
committed
Add Certificate Near Expiry Alert guidelines
1 parent c642180 commit 978ff50

File tree

7 files changed

+46
-0
lines changed

7 files changed

+46
-0
lines changed

articles/key-vault/general/alert.md

Lines changed: 46 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -156,9 +156,55 @@ If you followed all of the preceding steps, you'll receive email alerts when you
156156
> [!div class="mx-imgBorder"]
157157
> ![Screenshot that highlights the information needed to configure an email alert.](../media/alert-20.png)
158158
159+
160+
### Example: Log query alert for near expiry certificates
161+
162+
You can set an alert to notify you about certificates which are about to expire.
163+
164+
1. Go to **Logs** and paste below query in query window
165+
166+
```json
167+
AzureDiagnostics
168+
| where OperationName =~ 'CertificateNearExpiryEventGridNotification'
169+
| extend CertExpire = unixtime_seconds_todatetime(eventGridEventProperties_data_EXP_d)
170+
| extend DaysTillExpire = datetime_diff("Day", now(), CertExpire)
171+
| project ResourceId, CertName = eventGridEventProperties_subject_s,
172+
DaysTillExpire, CertExpire
173+
```
174+
175+
1. Select **New alert rule**
176+
177+
> [!div class="mx-imgBorder"]
178+
> ![Screenshot that shows query window with selected new alert rule](../media/alert-21.png)
179+
180+
1. In **Condition** tab use following configuration:
181+
+ In **Measurement** set **Aggregation granularity** to **1 day**
182+
+ In **Split by dimensions** set **Resource ID column** to **ResourceId**.
183+
+ Set **CertName** and **DayTillExpire** as dimensions.
184+
+ In **Alert logic** set **Threshold value** to **0** and **Frequency of evaluation** to **1 day**.
185+
186+
> [!div class="mx-imgBorder"]
187+
> ![Screenshot that shows alert condition configuration](../media/alert-22.png)
188+
189+
1. In **Actions** tab configure alert to send an email
190+
1. Select **create action group**
191+
> [!div class="mx-imgBorder"]
192+
> ![Screenshot that shows how to create action group](../media/alert-23.png)
193+
1. Configure **Create action group**
194+
> [!div class="mx-imgBorder"]
195+
> ![Screenshot that shows how to configure action group](../media/alert-24.png)
196+
1. Configure **Notifications** to send an email
197+
> [!div class="mx-imgBorder"]
198+
> ![Screenshot that shows how to configure notification](../media/alert-25.png)
199+
1. Configure **Details** to trigger **Warning** alert
200+
> [!div class="mx-imgBorder"]
201+
> ![Screenshot that shows how to configure notification](../media/alert-26.png)
202+
1. Select **Review + create**
203+
159204
## Next steps
160205

161206
Use the tools that you set up in this article to actively monitor the health of your key vault:
162207

163208
- [Monitor Key Vault](monitor-key-vault.md)
164209
- [Monitoring Key Vault data reference](monitor-key-vault-reference.md)
210+
- [Create a log query alert for an Azure resource](../../azure-monitor//alerts/tutorial-log-alert.md)

articles/key-vault/media/alert-21.png

107 KB
Loading

articles/key-vault/media/alert-22.png

116 KB
Loading

articles/key-vault/media/alert-23.png

22.8 KB
Loading

articles/key-vault/media/alert-24.png

40.4 KB
Loading

articles/key-vault/media/alert-25.png

60.9 KB
Loading

articles/key-vault/media/alert-26.png

70.5 KB
Loading

0 commit comments

Comments
 (0)