You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/azure-monitor/alerts/activity-log-alerts.md
+13-6Lines changed: 13 additions & 6 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -12,13 +12,21 @@ ms.date: 04/04/2022
12
12
13
13
Activity log alerts allow you to be notified on events and operations that are logged in [Azure Activity Log](https://docs.microsoft.com/en-us/azure/azure-monitor/essentials/activity-log). An alert is fired when a new [activity log event](../essentials/activity-log-schema.md) occurs that matches the conditions specified in the alert rule. Activity log alert rules are Azure resources, so they can be created by using an Azure Resource Manager template. They also can be created, updated, or deleted in the Azure portal. This article introduces the concepts behind activity log alerts. For more information on creating or usage of activity log alert rules, see [Create and manage activity log alerts](alerts-activity-log.md).
14
14
15
-
## Alerts on activity log event categories:
15
+
## Alerting on activity log event categories
16
16
17
-
You can create activity log alerts to receive notifications on one of the following activity log event categories :
17
+
You can create activity log alert rules to receive notifications on one of the following activity log event categories :
18
18
19
-
***Administrative events** - you can be notified when a create, update, delete, or action operation occur on resources in your Azure subscription, resource group, or on a specific resource. For example, you might want to be notified when any virtual machine in myProductionResourceGroup is deleted. Or, you might want to be notified if any new roles are assigned to a user in your subscription.
20
-
***Service Health events** - you can be notified on Azure incidents, such as an outage or a maintenance event, occured in a specific Azure region and may impact services in your subscription. \
21
-
***Resource health events** - you can be notified when the health of a specific Azure resource you are using is degraded, or if the resource becomes unavailable.
19
+
***Administrative events** - get notified when a create, update, delete, or action operation occur on resources in your Azure subscription, resource group, or on a specific resource. For example, you might want to be notified when any virtual machine in myProductionResourceGroup is deleted. Or, you might want to be notified if any new roles are assigned to a user in your subscription.
20
+
***Service Health events** - get notified on Azure incidents, such as an outage or a maintenance event, occured in a specific Azure region and may impact services in your subscription. \
21
+
***Resource health events** - get notified when the health of a specific Azure resource you are using is degraded, or if the resource becomes unavailable.
22
+
***Autoscale events** - get notified when events related to the operation of the configured [autoscale operations](https://docs.microsoft.com/azure/azure-monitor/autoscale/autoscale-overview) in your subscription. An example of an Autoscale event is Autoscale scale up action failed.
23
+
***Recommendation** - get notified when a new [Azure Advisor recommendation](https://docs.microsoft.com/azure/advisor/advisor-overview) is available for your subscription.
24
+
***Security** - get notified on events generated by Microsoft Defender for Cloud. An example of a Security event is Suspicious double extension file executed.
25
+
***Policy** - get notified on effect action operations performed by Azure Policy. Examples of Policy events include Audit and Deny.
26
+
27
+
> [!NOTE]
28
+
> Alerts **cannot** be created for events in Alert category of activity log.
29
+
>
22
30
You can configure an activity log alert based on any top-level property in the JSON object for an activity log event. For more information, see [Categories in the Activity Log](../essentials/activity-log.md#view-the-activity-log). To learn more about service health events, see [Receive activity log alerts on service notifications](../../service-health/alerts-activity-log-service-notifications-portal.md).
23
31
24
32
An alternative simple way for creating conditions for activity log alerts is to explore or filter events via [Activity log in Azure portal](../essentials/activity-log.md#view-the-activity-log). In Azure Monitor - Activity log, one can filter and locate a required event and then create an alert to notify on similar by using the **New alert rule** button.
@@ -27,7 +35,6 @@ An alternative simple way for creating conditions for activity log alerts is to
27
35
> An activity log alert rule monitors only for events in the subscription in which the alert rule is created.
28
36
29
37
30
-
31
38
Activity log alerts have a few common options:
32
39
33
40
-**Category**: Administrative, Service Health, Autoscale, Security, Policy, and Recommendation.
0 commit comments