alert_rules
Creates, updates, deletes, gets or lists a alert_rules resource.
Overview
| Name | alert_rules |
| Type | Resource |
| Id | azure.sentinel.alert_rules |
Fields
| Name | Datatype | Description |
|---|---|---|
etag | string | Etag of the azure resource |
kind | string | The kind of the alert rule |
Methods
| Name | Accessible by | Required Params | Description |
|---|---|---|---|
get | SELECT | resourceGroupName, ruleId, subscriptionId, workspaceName | Gets the alert rule. |
list | SELECT | resourceGroupName, subscriptionId, workspaceName | Gets all alert rules. |
create_or_update | INSERT | resourceGroupName, ruleId, subscriptionId, workspaceName, data__kind | Creates or updates the alert rule. |
delete | DELETE | resourceGroupName, ruleId, subscriptionId, workspaceName | Delete the alert rule. |
SELECT examples
Gets all alert rules.
SELECT
etag,
kind
FROM azure.sentinel.alert_rules
WHERE resourceGroupName = '{{ resourceGroupName }}'
AND subscriptionId = '{{ subscriptionId }}'
AND workspaceName = '{{ workspaceName }}';
INSERT example
Use the following StackQL query and manifest file to create a new alert_rules resource.
- All Properties
- Manifest
/*+ create */
INSERT INTO azure.sentinel.alert_rules (
resourceGroupName,
ruleId,
subscriptionId,
workspaceName,
data__kind,
etag,
kind
)
SELECT
'{{ resourceGroupName }}',
'{{ ruleId }}',
'{{ subscriptionId }}',
'{{ workspaceName }}',
'{{ data__kind }}',
'{{ etag }}',
'{{ kind }}'
;
- name: your_resource_model_name
props:
- name: etag
value: string
- name: kind
value: []
DELETE example
Deletes the specified alert_rules resource.
/*+ delete */
DELETE FROM azure.sentinel.alert_rules
WHERE resourceGroupName = '{{ resourceGroupName }}'
AND ruleId = '{{ ruleId }}'
AND subscriptionId = '{{ subscriptionId }}'
AND workspaceName = '{{ workspaceName }}';