def create(cmd, client, resource_group_name, activity_log_alert_name, scopes=None, condition=None, action_groups=frozenset(), tags=None, disable=False, description=None, webhook_properties=None): from msrestazure.tools import resource_id from azure.mgmt.monitor.models import (ActivityLogAlertResource, ActivityLogAlertAllOfCondition, ActivityLogAlertLeafCondition, ActivityLogAlertActionList) from azure.mgmt.monitor.models import ActivityLogAlertActionGroup as ActionGroup from azure.cli.core.commands.client_factory import get_subscription_id from knack.util import CLIError if not scopes: scopes = [resource_id(subscription=get_subscription_id(cmd.cli_ctx), resource_group=resource_group_name)] if _get_alert_settings(client, resource_group_name, activity_log_alert_name, throw_if_missing=False): raise CLIError('The activity log alert {} already exists in resource group {}.'.format(activity_log_alert_name, resource_group_name)) # Add alert conditions condition = condition or ActivityLogAlertAllOfCondition( all_of=[ActivityLogAlertLeafCondition(field='category', equals='ServiceHealth')]) # Add action groups action_group_rids = _normalize_names(cmd.cli_ctx, action_groups, resource_group_name, 'microsoft.insights', 'actionGroups') action_groups = [ActionGroup(action_group_id=i, webhook_properties=webhook_properties) for i in action_group_rids] alert_actions = ActivityLogAlertActionList(action_groups=action_groups) settings = ActivityLogAlertResource(location='global', scopes=scopes, condition=condition, actions=alert_actions, enabled=not disable, description=description, tags=tags) return client.create_or_update(resource_group_name=resource_group_name, activity_log_alert_name=activity_log_alert_name, activity_log_alert=settings)
def _normalize_condition(condition_instance): from azure.mgmt.monitor.models import ActivityLogAlertLeafCondition if isinstance(condition_instance, str): try: field, value = condition_instance.split('=') return '{}={}'.format(field.lower(), value), ActivityLogAlertLeafCondition(field=field, equals=value) except ValueError: # too many values to unpack or not enough values to unpack raise ValueError('Condition "{}" does not follow format FIELD=VALUE'.format(condition_instance)) elif isinstance(condition_instance, ActivityLogAlertLeafCondition): return '{}={}'.format(condition_instance.field.lower(), condition_instance.equals), condition_instance
def clone_activity_log(resourceGroupName, VmScaleSetID): activity_log_alerts = monitor_client.activity_log_alerts.list_by_resource_group( resourceGroupName) existing_mp_activitylog_alerts = [ i.name for i in activity_log_alerts if 'mp-alert' in i.name ] if len(existing_mp_activitylog_alerts) == 0: logging.info("No Activity log Alerts for MP present in RG: {}".format( resourceGroupName)) return True count = len(existing_mp_activitylog_alerts) existing_mp_activitylog_alert = existing_mp_activitylog_alerts[0] new_mp_activitylog_alert_name1 = existing_mp_activitylog_alert[:-1] + str( count + 1) new_mp_activitylog_alert_name2 = existing_mp_activitylog_alert[:-1] + str( count + 2) existing_alert = monitor_client.activity_log_alerts.get( resourceGroupName, existing_mp_activitylog_alert) condition1 = ActivityLogAlertAllOfCondition(all_of=[ ActivityLogAlertLeafCondition(field='category', equals='Administrative'), ActivityLogAlertLeafCondition( field='operationName', equals='Microsoft.Compute/virtualMachineScaleSets/delete/action'), ActivityLogAlertLeafCondition(field='resourceId', equals=VmScaleSetID) ]) condition2 = ActivityLogAlertAllOfCondition(all_of=[ ActivityLogAlertLeafCondition(field='category', equals='Administrative'), ActivityLogAlertLeafCondition( field='operationName', equals= 'Microsoft.Compute/virtualMachineScaleSets/virtualmachines/delete' ), ActivityLogAlertLeafCondition(field='resourceGroup', equals=resourceGroupName), ActivityLogAlertLeafCondition(field='resourceProvider', equals='Microsoft.Compute'), ActivityLogAlertLeafCondition( field='resourceType', equals='Microsoft.Compute/virtualMachineScaleSets/virtualMachines') ]) activity_log_alert1 = ActivityLogAlertResource( location=existing_alert.location, #scopes=existing_alert.scopes, scopes=[VmScaleSetID], actions=existing_alert.actions, condition=condition1) activity_log_alert2 = ActivityLogAlertResource( location=existing_alert.location, #scopes=existing_alert.scopes, scopes=[VmScaleSetID], actions=existing_alert.actions, condition=condition2) alert1 = monitor_client.activity_log_alerts.create_or_update( resource_group_name=resourceGroupName, activity_log_alert_name=new_mp_activitylog_alert_name1, activity_log_alert=activity_log_alert1) alert2 = monitor_client.activity_log_alerts.create_or_update( resource_group_name=resourceGroupName, activity_log_alert_name=new_mp_activitylog_alert_name2, activity_log_alert=activity_log_alert2)