alerts
Creates, updates, deletes, gets or lists an alerts resource.
Overview
| Name | alerts |
| Type | Resource |
| Id | azure.security.alerts |
Fields
The following fields are returned by SELECT queries:
- list_by_resource_group
- list
| Name | Datatype | Description |
|---|---|---|
id | string (arm-id) | Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" |
name | string | The name of the resource |
properties | object | describes security alert properties. |
systemData | object | Azure Resource Manager metadata containing createdBy and modifiedBy information. |
type | string | The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" |
| Name | Datatype | Description |
|---|---|---|
id | string (arm-id) | Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" |
name | string | The name of the resource |
properties | object | describes security alert properties. |
systemData | object | Azure Resource Manager metadata containing createdBy and modifiedBy information. |
type | string | The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" |
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
list_by_resource_group | select | subscriptionId, resourceGroupName | api-version | List all the alerts that are associated with the resource group |
list | select | subscriptionId | api-version | List all the alerts that are associated with the subscription |
simulate | exec | subscriptionId, ascLocation | api-version | Simulate security alerts |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
ascLocation | string | The location where ASC stores the data of the subscription. can be retrieved from Get locations |
resourceGroupName | string | The name of the resource group within the user's subscription. The name is case insensitive. |
subscriptionId | string | Azure subscription ID |
api-version | string | API version for the operation |
SELECT examples
- list_by_resource_group
- list
List all the alerts that are associated with the resource group
SELECT
id,
name,
properties,
systemData,
type
FROM azure.security.alerts
WHERE subscriptionId = '{{ subscriptionId }}' -- required
AND resourceGroupName = '{{ resourceGroupName }}' -- required
AND api-version = '{{ api-version }}'
;
List all the alerts that are associated with the subscription
SELECT
id,
name,
properties,
systemData,
type
FROM azure.security.alerts
WHERE subscriptionId = '{{ subscriptionId }}' -- required
AND api-version = '{{ api-version }}'
;
Lifecycle Methods
- simulate
Simulate security alerts
EXEC azure.security.alerts.simulate
@subscriptionId='{{ subscriptionId }}' --required,
@ascLocation='{{ ascLocation }}' --required,
@api-version='{{ api-version }}'
@@json=
'{
"properties": "{{ properties }}"
}'
;