Top / Microsoft Azure / Azure Monitor / Metric Alert

Azure Monitor Metric Alert

This page shows how to write Terraform and Azure Resource Manager for Monitor Metric Alert and write them securely.

terraform-logo

Review your .tf file for Azure best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).

azurerm_monitor_metric_alert (Terraform)

The Metric Alert in Monitor can be configured in Terraform with the resource name azurerm_monitor_metric_alert. The following sections describe 7 examples of how to use the resource and its parameters.

Example Usage from GitHub

alerts.tf#L12
resource "azurerm_monitor_metric_alert" "networkbitspersec" {
  name                = var.networkbitspersec
  resource_group_name = var.resourcegroup
  scopes              = [azurerm_network_interface.to_monitor.id]
  description         = "Action will be triggered when Bits ingressing Azure per second is greater than XX."
Alerts.tf#L14
resource "azurerm_monitor_metric_alert" "SynapsewpAlert" {
    depends_on = [
        azurerm_synapse_workspace.synapse_workspace,
        azurerm_monitor_action_group.alert-action-group
    ]
  name                = var.Synapsewp_Alert_name
Alerts.tf#L14
resource "azurerm_monitor_metric_alert" "StorageAccountAlert" {
    depends_on = [
        azurerm_storage_account.StorageAccount,
        azurerm_monitor_action_group.alert-action-group
    ]
  name                = var.Storage_Account_Alert_name
main.tf#L2
resource "azurerm_monitor_metric_alert" "Azure-StorageTableServices-Transactions" {
          name                = "Azure-StorageTableServices-Transactions"
          resource_group_name = var.resource_group_name
          scopes              = var.scopes
          description         = "Azure - Storage Table Services - Transactions{{name.name}} exceeds the previously estimated average.Please refer to the following reaction process:https://apptemetry/knowledgebase/Article.aspx?id=54321 Alerts generate an AIM ticket, viewable here (search via CI or Alert Name):https://apptemetry/AIM/alertsearch.aspx"
          frequency        =  "PT5M"
main.tf#L2
resource "azurerm_monitor_metric_alert" "Azure-StorageTableServices-Transactions" {
          name                = "Azure-StorageTableServices-Transactions"
          resource_group_name = var.resource_group_name
          scopes              = var.scopes
          description         = "Azure - Storage Table Services - Transactions{{name.name}} exceeds the previously estimated average.Please refer to the following reaction process:https://apptemetry/knowledgebase/Article.aspx?id=54321 Alerts generate an AIM ticket, viewable here (search via CI or Alert Name):https://apptemetry/AIM/alertsearch.aspx"
          frequency        =  "PT5M"
main.tf#L1
resource "azurerm_monitor_metric_alert" "Azure-LogicApps-TriggersSucceeded" {
          name                = "Azure-LogicApps-TriggersSucceeded"
          resource_group_name = var.resource_group_name
          scopes              = var.scopes
          description         = "Azure - Logic Apps - Triggers Succeeded{{name.name}} exceeds the previously estimated average.Please refer to the following reaction process:https://apptemetry/knowledgebase/Article.aspx?id=54321Alerts generate an AIM ticket, viewable here (search via CI or Alert Name):https://apptemetry/AIM/alertsearch.aspx"
          frequency        =  "PT15M"
main.tf#L1
resource "azurerm_monitor_metric_alert" "Azure-LogicApps-TriggersSucceeded" {
          name                = "Azure-LogicApps-TriggersSucceeded"
          resource_group_name = var.resource_group_name
          scopes              = var.scopes
          description         = "Azure - Logic Apps - Triggers Succeeded{{name.name}} exceeds the previously estimated average.Please refer to the following reaction process:https://apptemetry/knowledgebase/Article.aspx?id=54321Alerts generate an AIM ticket, viewable here (search via CI or Alert Name):https://apptemetry/AIM/alertsearch.aspx"
          frequency        =  "PT15M"

Review your Terraform file for Azure best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).

Parameters

The location of the target resource. Required when using subscription, resource group scope or multiple scopes.

The resource type (e.g. Microsoft.Compute/virtualMachines) of the target resource. Required when using subscription, resource group scope or multiple scopes.

>> from Terraform Registry

Explanation in Terraform Registry

Manages a Metric Alert within Azure Monitor.

>> from Terraform Registry

Tips: Best Practices for The Other Azure Monitor Resources

In addition to the azurerm_monitor_log_profile, Azure Monitor has the other resources that should be configured for security reasons. Please check some examples of those resources and precautions.

risk-label

azurerm_monitor_log_profile

Ensure to enable the activity retention log

It is better to enable the activity retention log to ensure that all the information required for an effective investigation is still available.

Review your Azure Monitor settings

In addition to the above, there are other security points you should be aware of making sure that your .tf files are protected in Shisho Cloud.

Microsoft.Insights/metricAlerts (Azure Resource Manager)

The metricAlerts in Microsoft.Insights can be configured in Azure Resource Manager with the resource name Microsoft.Insights/metricAlerts. The following sections describe how to use the resource and its parameters.

Example Usage from GitHub

azuredeploy-alerts.json#L103
            "type": "Microsoft.Insights/metricAlerts",
            "name": "[variables('alerts').confNodeOffline.name]",
            "apiVersion": "2018-03-01",
            "location": "global",
            "properties": {
                "description": "A Confluence node has just became unhealthly/gone offline. ",
azuredeploy-alerts.json#L134
            "type": "Microsoft.Insights/metricAlerts",
            "name": "[variables('alerts').jiraNodeOffline.name]",
            "apiVersion": "2018-03-01",
            "location": "global",
            "scale": null,
            "properties": {
azureMonitorAlerts.json
{
    "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
    "contentVersion": "1.0.0.0",
    "parameters": {
        "appInsightName": {
Azure_Create_AzureBackupRG_eastus2_1_content.json#L330
      "type": "Microsoft.Insights/metricAlerts",
      "properties": {
        "scopes": [
          "[concat(parameters('servers_testtssql_externalid'), '/databases/sqldb2')]"
        ],
        "severity": 3,
easy-button-alerts.json#L84
            "type": "Microsoft.Insights/metricAlerts",
            "apiVersion": "2018-03-01",
            "name": "Critical Alerts - Static",
            "location": "global",
            "properties": {
                "severity": 0,
azuredeploy-alerts.json#L283
            "type": "Microsoft.Insights/metricAlerts",
            "apiVersion": "2018-03-01",
            "name": "[variables('alerts').sshLoadBalancerHealthCheckAlert.name]",
            "location": "global",
            "properties": {
                "description": "[variables('alerts').sshLoadBalancerHealthCheckAlert.description]",
Azure_Create_QA_INFRA_RG_content.json
{
  "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "variables": {},
  "parameters": {
GenerateAlertRules.json#L39
            "type": "Microsoft.Insights/metricAlerts",
            "name": "[concat('Network_In_Alert','-',parameters('alertVMs')[copyIndex()])]",
            "copy": {
                "name": "iterator",
                "count": "[length(parameters('alertVMs'))]"
            },
azuredeploy-alerts.json#L102
            "type": "Microsoft.Insights/metricAlerts",
            "name": "[variables('alerts').crowdNodeOffline.name]",
            "apiVersion": "2018-03-01",
            "location": "global",
            "properties": {
                "description": "A Crowd node has just became unhealthly/gone offline. ",
azuredeploy-alerts.json#L103
            "type": "Microsoft.Insights/metricAlerts",
            "name": "[variables('alerts').confNodeOffline.name]",
            "apiVersion": "2018-03-01",
            "location": "global",
            "properties": {
                "description": "A Confluence node has just became unhealthly/gone offline. ",

The Other Related Azure Monitor Resources

Frequently asked questions

What is Azure Monitor Metric Alert?

Azure Monitor Metric Alert is a resource for Monitor of Microsoft Azure. Settings can be wrote in Terraform.

Where can I find the example code for the Azure Monitor Metric Alert?

For Terraform, the haroon-yunus/Metrics, chaitanya867/KPMG-a.txt and chaitanya867/KPMG-a.txt source code examples are useful. See the Terraform Example section for further details.

For Azure Resource Manager, the ebizzity/atlassian-azure, ebizzity/atlassian-azure and Azure/iotedge-lorawan-starterkit source code examples are useful. See the Azure Resource Manager Example section for further details.

security-icon

Automate config file reviews on your commits

Fix issues in your infrastructure as code with auto-generated patches.

Table of Contents