Skip to content

Commit c764e1a

Browse files
authored
public repo edits for Microsoft Docs style
1 parent 65b4508 commit c764e1a

File tree

1 file changed

+87
-86
lines changed

1 file changed

+87
-86
lines changed

articles/vpn-gateway/vpn-gateway-howto-setup-alerts-virtual-network-gateway-log.md

Lines changed: 87 additions & 86 deletions
Original file line numberDiff line numberDiff line change
@@ -24,7 +24,7 @@ The following logs are available in Azure:
2424
|IKEDiagnosticLog | Logs IKE control messages and events on the gateway |
2525
|P2SDiagnosticLog | Logs point-to-site control messages and events on the gateway |
2626

27-
## <a name="setup"></a>Set up alerts in the Azure Portal
27+
## <a name="setup"></a>Set up alerts in the Azure portal
2828

2929
The following example steps will create an alert for a disconnection event that involves a site-to-site VPN tunnel:
3030

@@ -94,101 +94,102 @@ The following example steps will create an alert for a disconnection event that
9494
9595
![Selections for creating a rule](./media/vpn-gateway-howto-setup-alerts-virtual-network-gateway-log/log-alert11.png "Select")
9696
97-
## <a name="setuppowershell"></a>Set up alerts with Powershell
97+
## <a name="setuppowershell"></a>Set up alerts by using PowerShell
9898
99-
The following example steps will create an alert for a disconnection event that involves a site-to-site VPN tunnel.
99+
The following example steps create an alert for a disconnection event that involves a site-to-site VPN tunnel.
100100
101-
1. Create a Log Analytics workspace.
101+
1. Create a Log Analytics workspace:
102102
103-
```Powershell
104-
$Location = 'westus2'
105-
$ResourceGroupName = 'TestRG1'
106-
$Sku = 'pergb2018'
107-
$WorkspaceName = 'LogAnalyticsWS123'
103+
```powershell
104+
$Location = 'westus2'
105+
$ResourceGroupName = 'TestRG1'
106+
$Sku = 'pergb2018'
107+
$WorkspaceName = 'LogAnalyticsWS123'
108108
109-
New-AzOperationalInsightsWorkspace -Location $Location -Name $WorkspaceName -Sku $Sku -ResourceGroupName $ResourceGroupName
110-
```
111-
2. Turn on diagnostics for the VPN gateway.
109+
New-AzOperationalInsightsWorkspace -Location $Location -Name $WorkspaceName -Sku $Sku -ResourceGroupName $ResourceGroupName
110+
```
112111

113-
```Powershell
114-
$ResourceGroupName = 'TestRG1'
115-
$VpnGatewayName = 'VNet1GW'
116-
$WorkspaceName = 'LogAnalyticsWS123'
112+
2. Turn on diagnostics for the VPN gateway:
117113

118-
$VpnGateway = Get-AzVirtualNetworkGateway -Name $VpnGatewayName -ResourceGroupName $ResourceGroupName
119-
$Workspace = Get-AzOperationalInsightsWorkspace -Name $WorkspaceName -ResourceGroupName $ResourceGroupName
114+
```powershell
115+
$ResourceGroupName = 'TestRG1'
116+
$VpnGatewayName = 'VNet1GW'
117+
$WorkspaceName = 'LogAnalyticsWS123'
120118
121-
Set-AzDiagnosticSetting `
122-
-Name 'VPN tunnel' `
123-
-ResourceId $VpnGateway.Id `
124-
-WorkspaceId $Workspace.ResourceId `
125-
-Enabled $true `
126-
-Category 'TunnelDiagnosticLog'
127-
```
119+
$VpnGateway = Get-AzVirtualNetworkGateway -Name $VpnGatewayName -ResourceGroupName $ResourceGroupName
120+
$Workspace = Get-AzOperationalInsightsWorkspace -Name $WorkspaceName -ResourceGroupName $ResourceGroupName
121+
122+
Set-AzDiagnosticSetting `
123+
-Name 'VPN tunnel' `
124+
-ResourceId $VpnGateway.Id `
125+
-WorkspaceId $Workspace.ResourceId `
126+
-Enabled $true `
127+
-Category 'TunnelDiagnosticLog'
128+
```
128129

129130
3. Create an action group.
130131

131-
This will create an action group that will send an e-mail notification when an alert has been triggered.
132-
133-
```Powershell
134-
$ActionGroupName = 'EmailAdmins' # Max. 60 characters long
135-
$ActionGroupShortName = 'EmailAdmins' # Max. 12 characters long
136-
$ActionGroupReceiverName = 'My receiver Name'
137-
$EmailAddress = 'xyz@microsoft.com'
138-
$ResourceGroupName = 'TestRG1'
139-
140-
$ActionGroupReceiver = New-AzActionGroupReceiver -Name $ActionGroupReceiverName -UseCommonAlertSchema -EmailReceiver -EmailAddress $EmailAddress
141-
142-
Set-AzActionGroup `
143-
-ResourceGroupName $ResourceGroupName `
144-
-Name $ActionGroupName `
145-
-ShortName $ActionGroupShortName `
146-
-Receiver @($ActionGroupReceiver)
147-
```
148-
149-
4. Create an alert rule based on a custom log search.
150-
151-
```Powershell
152-
$ActionGroupName = 'EmailAdmins'
153-
$EmailSubject = 'Redmond VPN tunnel is disconnected'
154-
$Location = 'westus2'
155-
$RemoteIp = '104.42.209.46'
156-
$ResourceGroupName = 'TestRG1'
157-
$VpnGatewayName = 'VNet1GW'
158-
$WorkspaceName = 'LogAnalyticsWS123'
159-
160-
$VpnGateway = Get-AzVirtualNetworkGateway -Name $VpnGatewayName -ResourceGroupName $ResourceGroupName
161-
$Workspace = Get-AzOperationalInsightsWorkspace -Name $WorkspaceName -ResourceGroupName $ResourceGroupName
162-
163-
$Query = @"
164-
AzureDiagnostics |
165-
where Category == "TunnelDiagnosticLog" |
166-
where TimeGenerated > ago(5m) |
167-
where _ResourceId == tolower("$($VpnGateway.id)") |
168-
where remoteIP_s == "$($RemoteIp)" |
169-
where status_s == "Disconnected" |
170-
project TimeGenerated, OperationName, instance_s, Resource, ResourceGroup, _ResourceId |
171-
sort by TimeGenerated asc
172-
"@
173-
174-
$Source = New-AzScheduledQueryRuleSource -Query $Query -DataSourceId $Workspace.ResourceId
175-
$Schedule = New-AzScheduledQueryRuleSchedule -FrequencyInMinutes 5 -TimeWindowInMinutes 5
176-
$TriggerCondition = New-AzScheduledQueryRuleTriggerCondition -ThresholdOperator 'GreaterThan' -Threshold 0
177-
178-
$ActionGroup = Get-AzActionGroup -ResourceGroupName $ResourceGroupName -Name $ActionGroupName
179-
$AznsActionGroup = New-AzScheduledQueryRuleAznsActionGroup -ActionGroup $ActionGroup.Id -EmailSubject $EmailSubject
180-
$AlertingAction = New-AzScheduledQueryRuleAlertingAction -AznsAction $AznsActionGroup -Severity '1' -Trigger $TriggerCondition
181-
182-
New-AzScheduledQueryRule `
183-
-ResourceGroupName $ResourceGroupName `
184-
-Location $Location `
185-
-Action $AlertingAction `
186-
-Enabled $true `
187-
-Description 'The tunnel between Azure and Redmond with IP address 104.42.209.46 is disconnected' `
188-
-Schedule $Schedule `
189-
-Source $Source `
190-
-Name 'The Azure to Redmond tunnel is disconnected'
191-
```
132+
This code creates an action group that sends an e-mail notification when an alert is triggered:
133+
134+
```powershell
135+
$ActionGroupName = 'EmailAdmins' # Max. 60 characters long
136+
$ActionGroupShortName = 'EmailAdmins' # Max. 12 characters long
137+
$ActionGroupReceiverName = 'My receiver Name'
138+
$EmailAddress = 'xyz@contoso.com'
139+
$ResourceGroupName = 'TestRG1'
140+
141+
$ActionGroupReceiver = New-AzActionGroupReceiver -Name $ActionGroupReceiverName -UseCommonAlertSchema -EmailReceiver -EmailAddress $EmailAddress
142+
143+
Set-AzActionGroup `
144+
-ResourceGroupName $ResourceGroupName `
145+
-Name $ActionGroupName `
146+
-ShortName $ActionGroupShortName `
147+
-Receiver @($ActionGroupReceiver)
148+
```
149+
150+
4. Create an alert rule based on a custom log search:
151+
152+
```powershell
153+
$ActionGroupName = 'EmailAdmins'
154+
$EmailSubject = 'Redmond VPN tunnel is disconnected'
155+
$Location = 'westus2'
156+
$RemoteIp = '104.42.209.46'
157+
$ResourceGroupName = 'TestRG1'
158+
$VpnGatewayName = 'VNet1GW'
159+
$WorkspaceName = 'LogAnalyticsWS123'
160+
161+
$VpnGateway = Get-AzVirtualNetworkGateway -Name $VpnGatewayName -ResourceGroupName $ResourceGroupName
162+
$Workspace = Get-AzOperationalInsightsWorkspace -Name $WorkspaceName -ResourceGroupName $ResourceGroupName
163+
164+
$Query = @"
165+
AzureDiagnostics |
166+
where Category == "TunnelDiagnosticLog" |
167+
where TimeGenerated > ago(5m) |
168+
where _ResourceId == tolower("$($VpnGateway.id)") |
169+
where remoteIP_s == "$($RemoteIp)" |
170+
where status_s == "Disconnected" |
171+
project TimeGenerated, OperationName, instance_s, Resource, ResourceGroup, _ResourceId |
172+
sort by TimeGenerated asc
173+
"@
174+
175+
$Source = New-AzScheduledQueryRuleSource -Query $Query -DataSourceId $Workspace.ResourceId
176+
$Schedule = New-AzScheduledQueryRuleSchedule -FrequencyInMinutes 5 -TimeWindowInMinutes 5
177+
$TriggerCondition = New-AzScheduledQueryRuleTriggerCondition -ThresholdOperator 'GreaterThan' -Threshold 0
178+
179+
$ActionGroup = Get-AzActionGroup -ResourceGroupName $ResourceGroupName -Name $ActionGroupName
180+
$AznsActionGroup = New-AzScheduledQueryRuleAznsActionGroup -ActionGroup $ActionGroup.Id -EmailSubject $EmailSubject
181+
$AlertingAction = New-AzScheduledQueryRuleAlertingAction -AznsAction $AznsActionGroup -Severity '1' -Trigger $TriggerCondition
182+
183+
New-AzScheduledQueryRule `
184+
-ResourceGroupName $ResourceGroupName `
185+
-Location $Location `
186+
-Action $AlertingAction `
187+
-Enabled $true `
188+
-Description 'The tunnel between Azure and Redmond with IP address 104.42.209.46 is disconnected' `
189+
-Schedule $Schedule `
190+
-Source $Source `
191+
-Name 'The Azure to Redmond tunnel is disconnected'
192+
```
192193

193194
## Next steps
194195

0 commit comments

Comments
 (0)