Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Scheduled query rules CMK check flag, stateful alerts and 1-minute frequency #17891

Closed
yanivlavi opened this issue Apr 27, 2021 · 8 comments · Fixed by Azure/azure-cli-extensions#3399 or Azure/azure-cli-extensions#3753
Closed

Scheduled query rules CMK check flag, stateful alerts and 1-minute frequency #17891

yanivlavi opened this issue Apr 27, 2021 · 8 comments · Fixed by Azure/azure-cli-extensions#3399 or Azure/azure-cli-extensions#3753
Assignees
@Jing-song @kairu-ms
Labels
feature-request Monitor az monitor
Milestone
Aug 2021 (2021-09...

Comments

@yanivlavi
Copy link

yanivlavi commented Apr 27, 2021
edited
Loading

Resource Provider
Scheduled query rules

Description of Feature or Work Requested
We added stateful log alerts (autoMitigate flag, alerts that automatically resolve), a flag to check if LA has linked storage (for CMK policy) and 1-minute frequency alerts.

Minimum API Version Required
2021-02-01-preview

Swagger Link
https://github.com/Azure/azure-rest-api-specs/blob/master/specification/monitor/resource-manager/Microsoft.Insights/preview/2021-02-01-preview/scheduledQueryRule_API.json
@ghost ghost added the needs-triage This is a new issue that needs to be triaged to the appropriate team. label Apr 27, 2021
@yonzhan yonzhan added the Monitor az monitor label Apr 28, 2021
@ghost ghost removed the needs-triage This is a new issue that needs to be triaged to the appropriate team. label Apr 28, 2021
@yonzhan yonzhan added feature-request needs-triage This is a new issue that needs to be triaged to the appropriate team. labels Apr 28, 2021
@ghost ghost removed the needs-triage This is a new issue that needs to be triaged to the appropriate team. label Apr 28, 2021
@yonzhan yonzhan added this to the S186 milestone Apr 28, 2021
@yonzhan
Copy link
Collaborator

yonzhan commented Apr 28, 2021

monitor

@yonzhan yonzhan modified the milestones: S186, S187, S188 Apr 28, 2021
@yanivlavi yanivlavi changed the title Scheduled query rules stateful alerts and 1-minute frequency Scheduled query rules CMK check flag, stateful alerts and 1-minute frequency May 10, 2021
@yonzhan yonzhan modified the milestones: S188, S187 May 13, 2021
@kairu-ms
Copy link
Contributor

@yanivlavi I get an error from new-version api that "(BadRequest) Alert rule payload cannot be empty". What does this mean?

@yanivlavi
Copy link
Author

@avjerafi Can you help here?

@avjerafi
Copy link

@kairu-ms This looks like the result of an unexpected parsing failure of some kind. Can you please share the body of the request?

@kairu-ms
Copy link
Contributor

@avjerafi I created a VM and tried to create a scheduled query for it. Below is the body of request.

{
   "location":"westus",
   "kind":"LogAlert",
   "properties":{
      "description":"Test rule",
      "severity":2.0,
      "enabled":true,
      "scopes":[
         "/subscriptions/0000000000000000000000000000000/resourceGroups/kairu/providers/Microsoft.Compute/virtualMachines/kairu-ws"
      ],
      "evaluationFrequency":"PT5M",
      "windowSize":"PT5M",
      "criteria":{
         "allOf":[
            {
               "query":"union Event, Syslog | where TimeGenerated > ago(1h)",
               "timeAggregation":"Count",
               "dimensions":[],
               "operator":"GreaterThan",
               "threshold":360.0,
               "failingPeriods":{
                  "numberOfEvaluationPeriods":1,
                  "minFailingPeriodsToAlert":1
               }
            }
         ]
      },
      "muteActionsDuration":"PT30M",
      "skipQueryValidation":false,
      "autoMitigate":false
   }
}

@avjerafi
Copy link

@kairu-ms The error is caused by the Severity value being provided as a float instead of as an integer.
Please use:
"severity":2,
instead of:
"severity":2.0,

@yanivlavi We should have validated the datatype and returned a specific validation error. I've opened a ticket for this.

@kairu-ms kairu-ms mentioned this issue May 19, 2021
Merged
3 tasks
@yonzhan yonzhan closed this as completed May 21, 2021
@kairu-ms kairu-ms reopened this Jun 24, 2021
@kairu-ms
Copy link
Contributor

Swagger updated by PR Azure/azure-rest-api-specs#14942

@yonzhan yonzhan modified the milestones: S187, S189 Jun 24, 2021
@yonzhan yonzhan modified the milestones: S189, Jul 2021 (2021-08-03) Jul 2, 2021
@kairu-ms kairu-ms removed this from the Jul 2021 (2021-08-03) milestone Jul 14, 2021
@kairu-ms kairu-ms added this to the Aug 2021 (2021-09-07) milestone Jul 14, 2021
@Jing-song
Copy link
Contributor

Azure/azure-cli-extensions#3753

@kairu-ms kairu-ms mentioned this issue Aug 13, 2021
Merged
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Jing-song Jing-song

@kairu-ms kairu-ms

Labels
feature-request Monitor az monitor
Projects
None yet
Milestone
Aug 2021 (2021-09-07)
5 participants
@yanivlavi @Jing-song @yonzhan @avjerafi @kairu-ms