def create(cmd, client, resource_group_name, activity_log_alert_name, scopes=None, condition=None, action_groups=frozenset(), tags=None, disable=False, description=None, webhook_properties=None): from msrestazure.tools import resource_id from azure.mgmt.monitor.models import (ActivityLogAlertResource, AlertRuleAllOfCondition, AlertRuleLeafCondition, ActionList) from azure.mgmt.monitor.models import ActionGroup from azure.cli.core.commands.client_factory import get_subscription_id from knack.util import CLIError if not scopes: scopes = [ resource_id(subscription=get_subscription_id(cmd.cli_ctx), resource_group=resource_group_name) ] if _get_alert_settings(client, resource_group_name, activity_log_alert_name, throw_if_missing=False): raise CLIError( 'The activity log alert {} already exists in resource group {}.'. format(activity_log_alert_name, resource_group_name)) # Add alert conditions condition = condition or AlertRuleAllOfCondition(all_of=[ AlertRuleLeafCondition(field='category', equals='ServiceHealth') ]) # Add action groups action_group_rids = _normalize_names(cmd.cli_ctx, action_groups, resource_group_name, 'microsoft.insights', 'actionGroups') action_groups = [ ActionGroup(action_group_id=i, webhook_properties=webhook_properties) for i in action_group_rids ] alert_actions = ActionList(action_groups=action_groups) settings = ActivityLogAlertResource(location='global', scopes=scopes, condition=condition, actions=alert_actions, enabled=not disable, description=description, tags=tags) return client.create_or_update( resource_group_name=resource_group_name, activity_log_alert_name=activity_log_alert_name, activity_log_alert=settings)
def clone_activity_log(resourceGroupName, VmScaleSetID): activity_log_alerts = monitor_client.activity_log_alerts.list_by_resource_group( resourceGroupName) existing_mp_activitylog_alerts = [ i.name for i in activity_log_alerts if 'mp-alert' in i.name ] if len(existing_mp_activitylog_alerts) == 0: logging.info("No Activity log Alerts for MP present in RG: {}".format( resourceGroupName)) return True count = len(existing_mp_activitylog_alerts) existing_mp_activitylog_alert = existing_mp_activitylog_alerts[0] new_mp_activitylog_alert_name1 = existing_mp_activitylog_alert[:-1] + str( count + 1) new_mp_activitylog_alert_name2 = existing_mp_activitylog_alert[:-1] + str( count + 2) existing_alert = monitor_client.activity_log_alerts.get( resourceGroupName, existing_mp_activitylog_alert) condition1 = ActivityLogAlertAllOfCondition(all_of=[ ActivityLogAlertLeafCondition(field='category', equals='Administrative'), ActivityLogAlertLeafCondition( field='operationName', equals='Microsoft.Compute/virtualMachineScaleSets/delete/action'), ActivityLogAlertLeafCondition(field='resourceId', equals=VmScaleSetID) ]) condition2 = ActivityLogAlertAllOfCondition(all_of=[ ActivityLogAlertLeafCondition(field='category', equals='Administrative'), ActivityLogAlertLeafCondition( field='operationName', equals= 'Microsoft.Compute/virtualMachineScaleSets/virtualmachines/delete' ), ActivityLogAlertLeafCondition(field='resourceGroup', equals=resourceGroupName), ActivityLogAlertLeafCondition(field='resourceProvider', equals='Microsoft.Compute'), ActivityLogAlertLeafCondition( field='resourceType', equals='Microsoft.Compute/virtualMachineScaleSets/virtualMachines') ]) activity_log_alert1 = ActivityLogAlertResource( location=existing_alert.location, #scopes=existing_alert.scopes, scopes=[VmScaleSetID], actions=existing_alert.actions, condition=condition1) activity_log_alert2 = ActivityLogAlertResource( location=existing_alert.location, #scopes=existing_alert.scopes, scopes=[VmScaleSetID], actions=existing_alert.actions, condition=condition2) alert1 = monitor_client.activity_log_alerts.create_or_update( resource_group_name=resourceGroupName, activity_log_alert_name=new_mp_activitylog_alert_name1, activity_log_alert=activity_log_alert1) alert2 = monitor_client.activity_log_alerts.create_or_update( resource_group_name=resourceGroupName, activity_log_alert_name=new_mp_activitylog_alert_name2, activity_log_alert=activity_log_alert2)