pulumi-azure-native-kotlin/com.pulumi.azurenative.insights.kotlin/ScheduledQueryRule

ScheduledQueryRule

class ScheduledQueryRule : KotlinCustomResource

The Log Search Rule resource. API Version: 2018-04-16.

Example Usage

Create or Update rule - AlertingAction

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
    var scheduledQueryRule = new AzureNative.Insights.ScheduledQueryRule("scheduledQueryRule", new()
    {
        Action = new AzureNative.Insights.Inputs.AlertingActionArgs
        {
            AznsAction = new AzureNative.Insights.Inputs.AzNsActionGroupArgs
            {
                ActionGroup = new[] {},
                CustomWebhookPayload = "{}",
                EmailSubject = "Email Header",
            },
            OdataType = "Microsoft.WindowsAzure.Management.Monitoring.Alerts.Models.Microsoft.AppInsights.Nexus.DataContracts.Resources.ScheduledQueryRules.AlertingAction",
            Severity = "1",
            Trigger = new AzureNative.Insights.Inputs.TriggerConditionArgs
            {
                MetricTrigger = new AzureNative.Insights.Inputs.LogMetricTriggerArgs
                {
                    MetricColumn = "Computer",
                    MetricTriggerType = "Consecutive",
                    Threshold = 5,
                    ThresholdOperator = "GreaterThan",
                },
                Threshold = 3,
                ThresholdOperator = "GreaterThan",
            },
        },
        Description = "log alert description",
        Enabled = "true",
        Location = "eastus",
        ResourceGroupName = "Rac46PostSwapRG",
        RuleName = "logalertfoo",
        Schedule = new AzureNative.Insights.Inputs.ScheduleArgs
        {
            FrequencyInMinutes = 15,
            TimeWindowInMinutes = 15,
        },
        Source = new AzureNative.Insights.Inputs.SourceArgs
        {
            DataSourceId = "/subscriptions/b67f7fec-69fc-4974-9099-a26bd6ffeda3/resourceGroups/Rac46PostSwapRG/providers/Microsoft.OperationalInsights/workspaces/sampleWorkspace",
            Query = "Heartbeat | summarize AggregatedValue = count() by bin(TimeGenerated, 5m)",
            QueryType = "ResultCount",
        },
        Tags = null,
    });
});
Content copied to clipboard
package main
import (
	insights "github.com/pulumi/pulumi-azure-native-sdk/insights"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := insights.NewScheduledQueryRule(ctx, "scheduledQueryRule", &insights.ScheduledQueryRuleArgs{
			Action: insights.AlertingAction{
				AznsAction: insights.AzNsActionGroup{
					ActionGroup:          []interface{}{},
					CustomWebhookPayload: "{}",
					EmailSubject:         "Email Header",
				},
				OdataType: "Microsoft.WindowsAzure.Management.Monitoring.Alerts.Models.Microsoft.AppInsights.Nexus.DataContracts.Resources.ScheduledQueryRules.AlertingAction",
				Severity:  "1",
				Trigger: insights.TriggerCondition{
					MetricTrigger: insights.LogMetricTrigger{
						MetricColumn:      "Computer",
						MetricTriggerType: "Consecutive",
						Threshold:         5,
						ThresholdOperator: "GreaterThan",
					},
					Threshold:         3,
					ThresholdOperator: "GreaterThan",
				},
			},
			Description:       pulumi.String("log alert description"),
			Enabled:           pulumi.String("true"),
			Location:          pulumi.String("eastus"),
			ResourceGroupName: pulumi.String("Rac46PostSwapRG"),
			RuleName:          pulumi.String("logalertfoo"),
			Schedule: &insights.ScheduleArgs{
				FrequencyInMinutes:  pulumi.Int(15),
				TimeWindowInMinutes: pulumi.Int(15),
			},
			Source: &insights.SourceArgs{
				DataSourceId: pulumi.String("/subscriptions/b67f7fec-69fc-4974-9099-a26bd6ffeda3/resourceGroups/Rac46PostSwapRG/providers/Microsoft.OperationalInsights/workspaces/sampleWorkspace"),
				Query:        pulumi.String("Heartbeat | summarize AggregatedValue = count() by bin(TimeGenerated, 5m)"),
				QueryType:    pulumi.String("ResultCount"),
			},
			Tags: nil,
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.insights.ScheduledQueryRule;
import com.pulumi.azurenative.insights.ScheduledQueryRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var scheduledQueryRule = new ScheduledQueryRule("scheduledQueryRule", ScheduledQueryRuleArgs.builder()
            .action(Map.ofEntries(
                Map.entry("aznsAction", Map.ofEntries(
                    Map.entry("actionGroup", ),
                    Map.entry("customWebhookPayload", "{}"),
                    Map.entry("emailSubject", "Email Header")
                )),
                Map.entry("odataType", "Microsoft.WindowsAzure.Management.Monitoring.Alerts.Models.Microsoft.AppInsights.Nexus.DataContracts.Resources.ScheduledQueryRules.AlertingAction"),
                Map.entry("severity", "1"),
                Map.entry("trigger", Map.ofEntries(
                    Map.entry("metricTrigger", Map.ofEntries(
                        Map.entry("metricColumn", "Computer"),
                        Map.entry("metricTriggerType", "Consecutive"),
                        Map.entry("threshold", 5),
                        Map.entry("thresholdOperator", "GreaterThan")
                    )),
                    Map.entry("threshold", 3),
                    Map.entry("thresholdOperator", "GreaterThan")
                ))
            ))
            .description("log alert description")
            .enabled("true")
            .location("eastus")
            .resourceGroupName("Rac46PostSwapRG")
            .ruleName("logalertfoo")
            .schedule(Map.ofEntries(
                Map.entry("frequencyInMinutes", 15),
                Map.entry("timeWindowInMinutes", 15)
            ))
            .source(Map.ofEntries(
                Map.entry("dataSourceId", "/subscriptions/b67f7fec-69fc-4974-9099-a26bd6ffeda3/resourceGroups/Rac46PostSwapRG/providers/Microsoft.OperationalInsights/workspaces/sampleWorkspace"),
                Map.entry("query", "Heartbeat | summarize AggregatedValue = count() by bin(TimeGenerated, 5m)"),
                Map.entry("queryType", "ResultCount")
            ))
            .tags()
            .build());
    }
}
Content copied to clipboard

Create or Update rule - AlertingAction with Cross-Resource

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
    var scheduledQueryRule = new AzureNative.Insights.ScheduledQueryRule("scheduledQueryRule", new()
    {
        Action = new AzureNative.Insights.Inputs.AlertingActionArgs
        {
            AznsAction = new AzureNative.Insights.Inputs.AzNsActionGroupArgs
            {
                ActionGroup = new[]
                {
                    "/subscriptions/b67f7fec-69fc-4974-9099-a26bd6ffeda3/resourceGroups/Rac46PostSwapRG/providers/microsoft.insights/actiongroups/test-ag",
                },
                EmailSubject = "Cross Resource Mail!!",
            },
            OdataType = "Microsoft.WindowsAzure.Management.Monitoring.Alerts.Models.Microsoft.AppInsights.Nexus.DataContracts.Resources.ScheduledQueryRules.AlertingAction",
            Severity = "3",
            Trigger = new AzureNative.Insights.Inputs.TriggerConditionArgs
            {
                Threshold = 5000,
                ThresholdOperator = "GreaterThan",
            },
        },
        Description = "Sample Cross Resource alert",
        Enabled = "true",
        Location = "eastus",
        ResourceGroupName = "Rac46PostSwapRG",
        RuleName = "SampleCrossResourceAlert",
        Schedule = new AzureNative.Insights.Inputs.ScheduleArgs
        {
            FrequencyInMinutes = 60,
            TimeWindowInMinutes = 60,
        },
        Source = new AzureNative.Insights.Inputs.SourceArgs
        {
            AuthorizedResources = new[]
            {
                "/subscriptions/b67f7fec-69fc-4974-9099-a26bd6ffeda3/resourceGroups/Rac46PostSwapRG/providers/Microsoft.OperationalInsights/workspaces/sampleWorkspace",
                "/subscriptions/b67f7fec-69fc-4974-9099-a26bd6ffeda3/resourceGroups/Rac46PostSwapRG/providers/microsoft.insights/components/sampleAI",
            },
            DataSourceId = "/subscriptions/b67f7fec-69fc-4974-9099-a26bd6ffeda3/resourceGroups/Rac46PostSwapRG/providers/microsoft.insights/components/sampleAI",
            Query = "union requests, workspace(\"sampleWorkspace\").Update",
            QueryType = "ResultCount",
        },
        Tags = null,
    });
});
Content copied to clipboard
package main
import (
	insights "github.com/pulumi/pulumi-azure-native-sdk/insights"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := insights.NewScheduledQueryRule(ctx, "scheduledQueryRule", &insights.ScheduledQueryRuleArgs{
			Action: insights.AlertingAction{
				AznsAction: insights.AzNsActionGroup{
					ActionGroup: []string{
						"/subscriptions/b67f7fec-69fc-4974-9099-a26bd6ffeda3/resourceGroups/Rac46PostSwapRG/providers/microsoft.insights/actiongroups/test-ag",
					},
					EmailSubject: "Cross Resource Mail!!",
				},
				OdataType: "Microsoft.WindowsAzure.Management.Monitoring.Alerts.Models.Microsoft.AppInsights.Nexus.DataContracts.Resources.ScheduledQueryRules.AlertingAction",
				Severity:  "3",
				Trigger: insights.TriggerCondition{
					Threshold:         5000,
					ThresholdOperator: "GreaterThan",
				},
			},
			Description:       pulumi.String("Sample Cross Resource alert"),
			Enabled:           pulumi.String("true"),
			Location:          pulumi.String("eastus"),
			ResourceGroupName: pulumi.String("Rac46PostSwapRG"),
			RuleName:          pulumi.String("SampleCrossResourceAlert"),
			Schedule: &insights.ScheduleArgs{
				FrequencyInMinutes:  pulumi.Int(60),
				TimeWindowInMinutes: pulumi.Int(60),
			},
			Source: &insights.SourceArgs{
				AuthorizedResources: pulumi.StringArray{
					pulumi.String("/subscriptions/b67f7fec-69fc-4974-9099-a26bd6ffeda3/resourceGroups/Rac46PostSwapRG/providers/Microsoft.OperationalInsights/workspaces/sampleWorkspace"),
					pulumi.String("/subscriptions/b67f7fec-69fc-4974-9099-a26bd6ffeda3/resourceGroups/Rac46PostSwapRG/providers/microsoft.insights/components/sampleAI"),
				},
				DataSourceId: pulumi.String("/subscriptions/b67f7fec-69fc-4974-9099-a26bd6ffeda3/resourceGroups/Rac46PostSwapRG/providers/microsoft.insights/components/sampleAI"),
				Query:        pulumi.String("union requests, workspace(\"sampleWorkspace\").Update"),
				QueryType:    pulumi.String("ResultCount"),
			},
			Tags: nil,
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.insights.ScheduledQueryRule;
import com.pulumi.azurenative.insights.ScheduledQueryRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var scheduledQueryRule = new ScheduledQueryRule("scheduledQueryRule", ScheduledQueryRuleArgs.builder()
            .action(Map.ofEntries(
                Map.entry("aznsAction", Map.ofEntries(
                    Map.entry("actionGroup", "/subscriptions/b67f7fec-69fc-4974-9099-a26bd6ffeda3/resourceGroups/Rac46PostSwapRG/providers/microsoft.insights/actiongroups/test-ag"),
                    Map.entry("emailSubject", "Cross Resource Mail!!")
                )),
                Map.entry("odataType", "Microsoft.WindowsAzure.Management.Monitoring.Alerts.Models.Microsoft.AppInsights.Nexus.DataContracts.Resources.ScheduledQueryRules.AlertingAction"),
                Map.entry("severity", "3"),
                Map.entry("trigger", Map.ofEntries(
                    Map.entry("threshold", 5000),
                    Map.entry("thresholdOperator", "GreaterThan")
                ))
            ))
            .description("Sample Cross Resource alert")
            .enabled("true")
            .location("eastus")
            .resourceGroupName("Rac46PostSwapRG")
            .ruleName("SampleCrossResourceAlert")
            .schedule(Map.ofEntries(
                Map.entry("frequencyInMinutes", 60),
                Map.entry("timeWindowInMinutes", 60)
            ))
            .source(Map.ofEntries(
                Map.entry("authorizedResources",
                    "/subscriptions/b67f7fec-69fc-4974-9099-a26bd6ffeda3/resourceGroups/Rac46PostSwapRG/providers/Microsoft.OperationalInsights/workspaces/sampleWorkspace",
                    "/subscriptions/b67f7fec-69fc-4974-9099-a26bd6ffeda3/resourceGroups/Rac46PostSwapRG/providers/microsoft.insights/components/sampleAI"),
                Map.entry("dataSourceId", "/subscriptions/b67f7fec-69fc-4974-9099-a26bd6ffeda3/resourceGroups/Rac46PostSwapRG/providers/microsoft.insights/components/sampleAI"),
                Map.entry("query", "union requests, workspace(\"sampleWorkspace\").Update"),
                Map.entry("queryType", "ResultCount")
            ))
            .tags()
            .build());
    }
}
Content copied to clipboard

Create or Update rule - LogToMetricAction

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
    var scheduledQueryRule = new AzureNative.Insights.ScheduledQueryRule("scheduledQueryRule", new()
    {
        Action = new AzureNative.Insights.Inputs.LogToMetricActionArgs
        {
            Criteria = new[]
            {
                new AzureNative.Insights.Inputs.CriteriaArgs
                {
                    Dimensions = new[] {},
                    MetricName = "Average_% Idle Time",
                },
            },
            OdataType = "Microsoft.WindowsAzure.Management.Monitoring.Alerts.Models.Microsoft.AppInsights.Nexus.DataContracts.Resources.ScheduledQueryRules.LogToMetricAction",
        },
        Description = "log to metric description",
        Enabled = "true",
        Location = "West Europe",
        ResourceGroupName = "alertsweu",
        RuleName = "logtometricfoo",
        Source = new AzureNative.Insights.Inputs.SourceArgs
        {
            DataSourceId = "/subscriptions/af52d502-a447-4bc6-8cb7-4780fbb00490/resourceGroups/alertsweu/providers/Microsoft.OperationalInsights/workspaces/alertsweu",
        },
        Tags = null,
    });
});
Content copied to clipboard
package main
import (
	insights "github.com/pulumi/pulumi-azure-native-sdk/insights"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := insights.NewScheduledQueryRule(ctx, "scheduledQueryRule", &insights.ScheduledQueryRuleArgs{
			Action: insights.LogToMetricAction{
				Criteria: []insights.Criteria{
					{
						Dimensions: []insights.Dimension{},
						MetricName: "Average_% Idle Time",
					},
				},
				OdataType: "Microsoft.WindowsAzure.Management.Monitoring.Alerts.Models.Microsoft.AppInsights.Nexus.DataContracts.Resources.ScheduledQueryRules.LogToMetricAction",
			},
			Description:       pulumi.String("log to metric description"),
			Enabled:           pulumi.String("true"),
			Location:          pulumi.String("West Europe"),
			ResourceGroupName: pulumi.String("alertsweu"),
			RuleName:          pulumi.String("logtometricfoo"),
			Source: &insights.SourceArgs{
				DataSourceId: pulumi.String("/subscriptions/af52d502-a447-4bc6-8cb7-4780fbb00490/resourceGroups/alertsweu/providers/Microsoft.OperationalInsights/workspaces/alertsweu"),
			},
			Tags: nil,
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.insights.ScheduledQueryRule;
import com.pulumi.azurenative.insights.ScheduledQueryRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var scheduledQueryRule = new ScheduledQueryRule("scheduledQueryRule", ScheduledQueryRuleArgs.builder()
            .action(Map.ofEntries(
                Map.entry("criteria", Map.ofEntries(
                    Map.entry("dimensions", ),
                    Map.entry("metricName", "Average_% Idle Time")
                )),
                Map.entry("odataType", "Microsoft.WindowsAzure.Management.Monitoring.Alerts.Models.Microsoft.AppInsights.Nexus.DataContracts.Resources.ScheduledQueryRules.LogToMetricAction")
            ))
            .description("log to metric description")
            .enabled("true")
            .location("West Europe")
            .resourceGroupName("alertsweu")
            .ruleName("logtometricfoo")
            .source(Map.of("dataSourceId", "/subscriptions/af52d502-a447-4bc6-8cb7-4780fbb00490/resourceGroups/alertsweu/providers/Microsoft.OperationalInsights/workspaces/alertsweu"))
            .tags()
            .build());
    }
}
Content copied to clipboard

Import

An existing resource can be imported using its type token, name, and identifier, e.g.

$ pulumi import azure-native:insights:ScheduledQueryRule logtometricfoo /subscriptions/af52d502-a447-4bc6-8cb7-4780fbb00490/resourceGroups/alertsweu/providers/microsoft.insights/scheduledqueryrules/logtometricfoo
Content copied to clipboard

Properties

Link copied to clipboard
val action: Output<Either<AlertingActionResponse, LogToMetricActionResponse>>

Action needs to be taken on rule execution.

Link copied to clipboard
val autoMitigate: Output<Boolean>?

The flag that indicates whether the alert should be automatically resolved or not. The default is false.

Link copied to clipboard
val createdWithApiVersion: Output<String>

The api-version used when creating this alert rule

Link copied to clipboard
val description: Output<String>?

The description of the Log Search rule.

Link copied to clipboard
val displayName: Output<String>?

The display name of the alert rule

Link copied to clipboard
val enabled: Output<String>?

The flag which indicates whether the Log Search rule is enabled. Value should be true or false

Link copied to clipboard
val etag: Output<String>

The etag field is not required. If it is provided in the response body, it must also be provided as a header per the normal etag convention. Entity tags are used for comparing two or more entities from the same requested resource. HTTP/1.1 uses entity tags in the etag (section 14.19), If-Match (section 14.24), If-None-Match (section 14.26), and If-Range (section 14.27) header fields.

Link copied to clipboard
val id: Output<String>
Link copied to clipboard
val isLegacyLogAnalyticsRule: Output<Boolean>

True if alert rule is legacy Log Analytic rule

Link copied to clipboard
val kind: Output<String>

Metadata used by portal/tooling/etc to render different UX experiences for resources of the same type; e.g. ApiApps are a kind of Microsoft.Web/sites type. If supported, the resource provider must validate and persist this value.

Link copied to clipboard
val lastUpdatedTime: Output<String>

Last time the rule was updated in IS08601 format.

Link copied to clipboard
val location: Output<String>

Resource location

Link copied to clipboard
val name: Output<String>

Azure resource name

Link copied to clipboard
val provisioningState: Output<String>

Provisioning state of the scheduled query rule

Link copied to clipboard
val pulumiChildResources: Set<KotlinResource>
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
val schedule: Output<ScheduleResponse>?

Schedule (Frequency, Time Window) for rule. Required for action type - AlertingAction

Link copied to clipboard
val source: Output<SourceResponse>

Data Source against which rule will Query Data

Link copied to clipboard
val tags: Output<Map<String, String>>?

Resource tags

Link copied to clipboard
val type: Output<String>

Azure resource type

Link copied to clipboard
val urn: Output<String>