Reputation: 175
Get list of "new alerts" for azure monitor
I have KQL giving me counts of my alert by severity the only issue is when the user closes them (i.e updates the user response) no column in the alerts table is updated
So here is the azure triggered view
but the alerts table has nothing 
This strikes me as a fairly normal ask
Upvotes: 0
Views: 1397
Answers (1)
Reputation: 331
I am making the following assumption that you have a custom KQL query for Azure Resource Graph Explorer to identify Azure Monitor alerts.
Properties, such as alertState and monitorCondition are not standalone columns, but are nested properties within the dynamically typed "properties" column. As this is querying Azure Resource Graph, the records are updated directly, rather than adding a new log (as it would be in log analytics).
Below is a query that extracts the two relevant properties.
alertsmanagementresources
| extend alertState = tostring(parse_json(properties.essentials.alertState))
| extend monitorCondition = tostring(parse_json(properties.essentials.monitorCondition))
| project name, alertState, monitorCondition
If you need help, please share your query and what information you are looking to query.
Alistair
Upvotes: 2
Related Questions
- Query on Azure Monitor Alert Frequency of evaluation
- Script based Azure Alerts
- How can i trigger an azure monitoring alert manually?
- How to list Azure alerts that I created?
- Get all active alerts of a subscription in Azure Monitor using Python
- Azure alert monitor condition always stay the same
- Azure Alert off of Log Analytics Table Schema
- Azure Monitor - How to create an alert when a new subscription is created?
- List all Alert rules in Azure monitor using Azure CLI
- Create Azure Alerts with query to monitor multiple VM's?