Alerts Details
OverviewAMBA-ALZ Pattern: Activity Log AlertsAMBA-ALZ Pattern: Log-Search AlertsAMBA-ALZ Pattern: Metric Alerts
The provided resources, metric alerts, and configurations are intended as a starting point to address key monitoring questions such as “What should we monitor in Azure?” and “What alert settings should we use?”. These settings cover the most common components of an Azure Landing Zone. However, we recommend customizing these settings to better suit your specific monitoring needs and Azure usage.
If you have suggestions for additional resources to include, open an Issue on this page with the Azure resource provider and settings you would like to see implemented. While we cannot guarantee implementation, we will carefully consider all suggestions. Alternatively, if you wish to contribute directly, follow the steps in the Contributor Guide.
For details on which policy alert rules are included in the policy initiatives that are part of the AMBA-ALZ pattern, visit the Policy-Initiatives page.
The tables are designed to minimize horizontal scrolling, but they contains substantial information. We recommend clicking on the specific alert name to directly access the JSON definition of the alert.
Refer to the following sections to quickly identify any Activity Log based alert, such as Service Health alerts, with an Azure resource. This will save you time troubleshooting and allow you to focus on communicating with your user base or incorporating these alerts into your business continuity actions (remediations). The values for Aggregation, Operator, Threshold, WindowSize, Frequency, and Severity are based on field experience and customer implementations.
Refer to the following sections to quickly identify any Log-Search based alert, such as Azure Virtual Machine or Hybrid Virtual Machine alerts, with an Azure resource. This will save you time troubleshooting and allow you to focus on communicating with your user base or incorporating these alerts into your business continuity actions (remediations). The values for Aggregation, Operator, Threshold, WindowSize, Frequency, and Severity are based on field experience and customer implementations.
| Alert Policy Name | Alert Name | Alert Scope | Target Resource Type | Evaluation Period | Evaluation Frequency | Operator | Threshold | Severity | Enabled |
|---|---|---|---|---|---|---|---|---|---|
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Azure VM Data Disk Read Latency Alert | subscription-VMHighDataDiskReadLatencyAlert | subscription | Microsoft.Compute/virtualMachines | PT15M | PT5M | GreaterThan | 30 | Warning | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Azure VM Data Disk Space Alert | subscription-VMLowDataDiskSpaceAlert | subscription | Microsoft.Compute/virtualMachines | PT15M | PT5M | GreaterThan | 10 | Warning | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Azure VM Data Disk Write Latency Alert | subscription-VMHighDataDiskWriteLatencyAlert | subscription | Microsoft.Compute/virtualMachines | PT15M | PT5M | GreaterThan | 30 | Warning | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Azure VM HeartBeat Alert | subscription-VMHeartBeatAlert | subscription | Microsoft.Compute/virtualMachines | PT6H | PT5M | GreaterThan | 10 | Error | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Azure VM Network Read Alert | subscription-VMHighNetworkInAlert | subscription | Microsoft.Compute/virtualMachines | PT15M | PT5M | GreaterThan | 10000000 | Warning | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Azure VM Network Write Alert | subscription-VMHighNetworkOutAlert | subscription | Microsoft.Compute/virtualMachines | PT15M | PT5M | GreaterThan | 10000000 | Warning | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Azure VM OS Disk Read Latency Alert | subscription-VMHighOSDiskReadLatencyAlert | subscription | Microsoft.Compute/virtualMachines | PT15M | PT5M | GreaterThan | 30 | Warning | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Azure VM OS Disk Space Alert | subscription-VMLowOSDiskSpaceAlert | subscription | Microsoft.Compute/virtualMachines | PT15M | PT5M | GreaterThan | 10 | Warning | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Azure VM OS Disk Write Latency Alert | subscription-VMHighOSDiskWriteLatencyAlert | subscription | Microsoft.Compute/virtualMachines | PT15M | PT5M | GreaterThan | 30 | Warning | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Azure VM CPU Alert | subscription-VMHighCPUAlert | subscription | Microsoft.Compute/virtualMachines | PT15M | PT5M | GreaterThan | 85 | Warning | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Azure VM Memory Alert | subscription-VMLowMemoryAlert | subscription | Microsoft.Compute/virtualMachines | PT15M | PT5M | GreaterThan | 10 | Warning | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Hybrid VM Data Disk Read Latency Alert | subscription-HybridVMHighDataDiskReadLatencyAlert | subscription | Microsoft.HybridCompute/machines | PT15M | PT5M | GreaterThan | 30 | Warning | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Hybrid VM Data Disk Space Alert | subscription-HybridVMLowDataDiskSpaceAlert | subscription | Microsoft.HybridCompute/machines | PT15M | PT5M | GreaterThan | 10 | Warning | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Hybrid VM Data Disk Write Latency Alert | subscription-HybridVMHighDataDiskWriteLatencyAlert | subscription | Microsoft.HybridCompute/machines | PT15M | PT5M | GreaterThan | 30 | Warning | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Hybrid VM Disconnected Alert | subscription-HybridVMDisconnectedAlert | subscription | Microsoft.HybridCompute/machines | P1D | PT10M | GreaterThan | 10m | Error | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Hybrid VM HeartBeat Alert | subscription-HybridVMHeartBeatAlert | subscription | Microsoft.HybridCompute/machines | PT6H | PT5M | GreaterThan | 10 | Error | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Hybrid VM Network Read Alert | subscription-HybridVMHighNetworkInAlert | subscription | Microsoft.HybridCompute/machines | PT15M | PT5M | GreaterThan | 10000000 | Warning | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Hybrid VM Network Write Alert | subscription-HybridVMHighNetworkOutAlert | subscription | Microsoft.HybridCompute/machines | PT15M | PT5M | GreaterThan | 10000000 | Warning | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Hybrid VM OS Disk Read Latency Alert | subscription-HybridVMHighOSDiskReadLatencyAlert | subscription | Microsoft.HybridCompute/machines | PT15M | PT5M | GreaterThan | 30 | Warning | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Hybrid VM OS Disk Space Alert | subscription-HybridVMLowOSDiskSpaceAlert | subscription | Microsoft.HybridCompute/machines | PT15M | PT5M | GreaterThan | 10 | Warning | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Hybrid VM OS Disk Write Latency Alert | subscription-HybridVMHighOSDiskWriteLatencyAlert | subscription | Microsoft.HybridCompute/machines | PT15M | PT5M | GreaterThan | 30 | Warning | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Hybrid VM CPU Alert | subscription-HybridVMHighCPUAlert | subscription | Microsoft.HybridCompute/machines | PT15M | PT5M | GreaterThan | 85 | Warning | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Hybrid VM Memory Alert | subscription-HybridVMLowMemoryAlert | subscription | Microsoft.HybridCompute/machines | PT15M | PT5M | GreaterThan | 10 | Warning | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Application Insights Throttling Limit Reached Alert | resourceName-ApplicationInsightsThrottlingLimitReachedAlert | resourceId-WorkspaceResourceId | Microsoft.Insights/components | P1D | PT1H | GreaterThan | 32000 | Warning | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - LA Workspace Daily Cap Limit Reached Alert | resourceName-DailyCapLimitReachedAlert | resourceId | Microsoft.OperationalInsights/workspaces | P1D | PT1H | GreaterThan | 0 | Warning | true |
Refer to the following sections to quickly identify any Metric based alert, such as Azure Firewall, KeyVault, or Network alerts, with an Azure resource. This will save you time troubleshooting and allow you to focus on communicating with your user base or incorporating these alerts into your business continuity actions (remediations). The values for Aggregation, Operator, Threshold, WindowSize, Frequency, and Severity are based on field experience and customer implementations.
Only a limited number of resources support metric alert rules scoped at the subscription level, and these metric alerts apply only to resources deployed within the same region.
| Alert Policy Name | Alert Name | Alerts Scope | Target Resource Type | Evaluation Period | Evaluation Frequency | Metric | Aggregation | Operator | Threshold | Severity | Enabled |
|---|---|---|---|---|---|---|---|---|---|---|---|
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Automation Account TotalJob Alert | resourceName-TotalJob | resourceId | Microsoft.Automation/automationAccounts | PT5M | PT1M | TotalJob | Average | GreaterThan | 0 | Warning | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - FrontDoor CDN Profile Origin Health Percentage Alert | resourceName-OriginHealthPercentage | resourceId | Microsoft.Cdn/profiles | PT5M | PT5M | OriginHealthPercentage | Average | LessThan | 90 | Warning | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - FrontDoor CDN Profile Origin Latency Alert | resourceName-OriginLatencyAlert | resourceId | Microsoft.Cdn/profiles | PT5M | PT5M | OriginLatency | Average | GreaterThan | DynamicThresholdCriterion | Warning | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - FrontDoor CDN Profile Percentage4XX Alert | resourceName-Percentage4XXAlert | resourceId | Microsoft.Cdn/profiles | PT5M | PT5M | Percentage4XX | Average | GreaterThan | DynamicThresholdCriterion | Warning | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - FrontDoor CDN Profile Percentage5XX Alert | resourceName-Percentage5XXAlert | resourceId | Microsoft.Cdn/profiles | PT5M | PT5M | Percentage5XX | Average | GreaterThan | DynamicThresholdCriterion | Warning | true |
| Deploy Azure VM Available Memory Alert | resourceName-AvailableMemoryAlert | resourceId | Microsoft.Compute/virtualMachines | PT5M | PT5M | Available Memory Bytes | Average | LessThan | 1000 | Warning | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Managed HSMs Availability Alert | resourceName-Availability | resourceId | microsoft.keyvault/managedHSMs | PT5M | PT1M | Availability | Average | LessThan | 90 | Error | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Managed HSMs Latency Alert | resourceName-LatencyAlert | resourceId | microsoft.keyvault/managedHSMs | PT5M | PT5M | ServiceApiLatency | Average | GreaterThan | 1000 | Informational | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Key Vault Availability Alert | resourceName-Availability | resourceId | microsoft.keyvault/vaults | PT5M | PT1M | Availability | Average | LessThan | 90 | Error | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Key Vault Capacity Alert | resourceName-CapacityAlert | resourceId | microsoft.keyvault/vaults | PT5M | PT1M | SaturationShoebox | Average | GreaterThan | 75 | Error | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Key Vault Latency Alert | resourceName-LatencyAlert | resourceId | microsoft.keyvault/vaults | PT5M | PT5M | ServiceApiLatency | Average | GreaterThan | 1000 | Informational | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Key Vault Requests Alert | resourceName-RequestsAlert | resourceId | microsoft.keyvault/vaults | PT5M | PT5M | ServiceApiResult | Average | GreaterThan | DynamicThresholdCriterion | Warning | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - AGW ApplicationGatewayTotalTime Alert | resourceName-agApplicationGatewayTotalTime | resourceId | Microsoft.Network/applicationgateways | PT5M | PT1M | ApplicationGatewayTotalTime | Average | GreaterThan | DynamicThresholdCriterion | Warning | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - AGW BackendLastByteResponseTime Alert | resourceName-agBackendLastByteResponseTime | resourceId | Microsoft.Network/applicationgateways | PT5M | PT1M | BackendLastByteResponseTime | Average | GreaterThan | DynamicThresholdCriterion | Warning | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - AGW Capacity Units Alert | resourceName-agCapacityUnits | resourceId | Microsoft.Network/applicationgateways | PT5M | PT1M | CapacityUnits | Average | GreaterThan | 75 | Warning | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - AGW Compute Units Alert | resourceName-agComputeUnits | resourceId | Microsoft.Network/applicationgateways | PT5M | PT1M | ComputeUnits | Average | GreaterThan | 75 | Warning | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - AGW CPU Utilization Alert | resourceName-agCpuUtilization | resourceId | Microsoft.Network/applicationgateways | PT5M | PT1M | CpuUtilization | Average | GreaterThan | 80 | Warning | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - AGW FailedRequests Alert | resourceName-agFailedRequests | resourceId | Microsoft.Network/applicationgateways | PT5M | PT1M | FailedRequests | Total | GreaterThan | DynamicThresholdCriterion | Warning | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - AGW ResponseStatus Alert | resourceName-agResponseStatus | resourceId | Microsoft.Network/applicationgateways | PT5M | PT1M | ResponseStatus | Total | GreaterThan | DynamicThresholdCriterion | Warning | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - AGW Unhealthy Host Count Alert | resourceName-agUnhealthyHostCount | resourceId | Microsoft.Network/applicationgateways | PT5M | PT1M | UnhealthyHostCount | Average | GreaterThan | 20 | Warning | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - AFW FirewallHealth Alert | resourceName-FirewallHealth | resourceId | Microsoft.Network/azureFirewalls | PT5M | PT1M | FirewallHealth | Average | LessThan | 90 | Critical | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - AFW SNATPortUtilization Alert | resourceName-SNATPortUtilization | resourceId | Microsoft.Network/azureFirewalls | PT5M | PT1M | SNATPortUtilization | Average | GreaterThan | 80 | Error | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ExpressRoute Circuits Arp Availability Alert | resourceName-ArpAvailability | resourceId | Microsoft.Network/expressRouteCircuits | PT5M | PT1M | ArpAvailability | Average | LessThan | 90 | Critical | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ExpressRoute Circuits Bgp Availability Alert | resourceName-BgpAvailability | resourceId | Microsoft.Network/expressRouteCircuits | PT5M | PT1M | BgpAvailability | Average | LessThan | 90 | Critical | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ExpressRoute Circuits QosDropBitsInPerSecond Alert | resourceName-QosDropBitsInPerSecond | resourceId | Microsoft.Network/expressRouteCircuits | PT5M | PT5M | QosDropBitsInPerSecond | Average | GreaterThan | DynamicThresholdCriterion | Warning | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ExpressRoute Circuits QosDropBitsOutPerSecond Alert | resourceName-QosDropBitsOutPerSecond | resourceId | Microsoft.Network/expressRouteCircuits | PT5M | PT5M | QosDropBitsOutPerSecond | Average | GreaterThan | DynamicThresholdCriterion | Warning | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ERG ExpressRoute Bits In Alert | resourceName-GatewayERBitsInAlert | resourceId | Microsoft.Network/expressroutegateways | PT5M | PT5M | ERGatewayConnectionBitsInPerSecond | Average | LessThan | 1 | Critical | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ERG ExpressRoute Bits Out Alert | resourceName-GatewayERBitsOutAlert | resourceId | Microsoft.Network/expressroutegateways | PT5M | PT5M | ERGatewayConnectionBitsOutPerSecond | Average | LessThan | 1 | Critical | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ERG ExpressRoute CPU Utilization Alert | resourceName-GatewayERCPUAlert | resourceId | Microsoft.Network/expressroutegateways | PT5M | PT1M | ExpressRouteGatewayCpuUtilization | Average | GreaterThan | 80 | Error | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ER Direct ExpressRoute Bits In Alert | resourceName-DirectERBitsInAlert | resourceId | Microsoft.Network/expressRoutePorts | PT5M | PT5M | PortBitsInPerSecond | Average | LessThan | 1 | Critical | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ER Direct ExpressRoute Bits Out Alert | resourceName-DirectERBitsOutAlert | resourceId | Microsoft.Network/expressRoutePorts | PT5M | PT5M | PortBitsOutPerSecond | Average | LessThan | 1 | Critical | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ER Direct ExpressRoute LineProtocol Alert | resourceName-DirectERLineProtocolAlert | resourceId | Microsoft.Network/expressRoutePorts | PT5M | PT5M | LineProtocol | Average | LessThan | 0.9 | Critical | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ER Direct ExpressRoute RxLightLevel High Alert | resourceName-DirectERRxLightLevelHighAlert | resourceId | Microsoft.Network/expressRoutePorts | PT5M | PT5M | RxLightLevel | Average | GreaterThan | 0 | Error | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ER Direct ExpressRoute RxLightLevel Low Alert | resourceName-DirectERRxLightLevelLowAlert | resourceId | Microsoft.Network/expressRoutePorts | PT5M | PT5M | RxLightLevel | Average | LessThan | -10 | Error | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ER Direct ExpressRoute TxLightLevel High Alert | resourceName-DirectERTxLightLevelHighAlert | resourceId | Microsoft.Network/expressRoutePorts | PT5M | PT5M | TxLightLevel | Average | GreaterThan | 0 | Error | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ER Direct ExpressRoute TxLightLevel Low Alert | resourceName-DirectERTxLightLevelLowAlert | resourceId | Microsoft.Network/expressRoutePorts | PT5M | PT5M | TxLightLevel | Average | LessThan | -10 | Error | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Frontdoor Backend Health Percentage Alert | resourceName-BackendHealthPercentage | resourceId | Microsoft.Network/frontdoors | PT5M | PT5M | BackendHealthPercentage | Average | LessThan | 90 | Warning | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Frontdoor Backend Request Latency Alert | resourceName-BackendRequestLatencyAlert | resourceId | Microsoft.Network/frontdoors | PT5M | PT5M | BackendRequestLatency | Average | GreaterThan | DynamicThresholdCriterion | Warning | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ALB Data Path Availability Alert | resourceName-ALBDataPathAvailability | resourceId | Microsoft.Network/loadBalancers | PT5M | PT1M | VipAvailability | Average | LessThan | 90 | Critical | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ALB Global Backend Availability Alert | resourceName-ALBGlobalBackendAvailability | resourceId | Microsoft.Network/loadBalancers | PT5M | PT1M | GlobalBackendAvailability | Average | LessThan | 90 | Critical | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ALB Health Probe Status Alert | resourceName-ALBHealthProbeStatus | resourceId | Microsoft.Network/loadBalancers | PT5M | PT1M | DipAvailability | Average | LessThan | 90 | Warning | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ALB Used SNAT Ports Alert | resourceName-ALBUsedSNATPorts | resourceId | Microsoft.Network/loadBalancers | PT5M | PT1M | UsedSNATPorts | Average | GreaterThan | 900 | Error | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - PDNSZ Capacity Utilization Alert | resourceName-CapacityUtilizationAlert | resourceId | Microsoft.Network/privateDnsZones | PT1H | PT1H | VirtualNetworkLinkCapacityUtilization | Maximum | GreaterThanOrEqual | 80 | Warning | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - PDNSZ Query Volume Alert | resourceName-QueryVolumeAlert | resourceId | Microsoft.Network/privateDnsZones | PT1H | PT1H | QueryVolume | Total | GreaterThanOrEqual | 500 | Verbose | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - PDNSZ Record Set Capacity Alert | resourceName-RecordSet_Capacity_Utilization | resourceId | Microsoft.Network/privateDnsZones | PT1H | PT1H | RecordSetCapacityUtilization | Maximum | GreaterThanOrEqual | 80 | Warning | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - PDNSZ Registration Capacity Utilization Alert | resourceName-RequestsAlert | resourceId | Microsoft.Network/privateDnsZones | PT1H | PT1H | VirtualNetworkWithRegistrationCapacityUtilization | Maximum | GreaterThanOrEqual | 80 | Warning | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - PIP Bytes in DDoS Attack Alert | resourceName-BytesInDDOSAlert | resourceId | Microsoft.Network/publicIPAddresses | PT5M | PT5M | bytesinddos | Maximum | GreaterThan | 8000000 | Verbose | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - PIP DDoS Attack Alert | resourceName-DDOS_Attack | resourceId | Microsoft.Network/publicIPAddresses | PT5M | PT5M | ifunderddosattack | Maximum | GreaterThan | 0 | Error | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - PIP Packets in DDoS Attack Alert | resourceName-PacketsInDDosAlert | resourceId | Microsoft.Network/publicIPAddresses | PT5M | PT5M | PacketsInDDoS | Total | GreaterThanOrEqual | 40000 | Verbose | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - PIP VIP Availability Alert | resourceName-VIPAvailabityAlert | resourceId | Microsoft.Network/publicIPAddresses | PT5M | PT1M | VipAvailability | Average | LessThan | 90 | Error | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Traffic Manager Endpoint Health Alert | resourceName-EndpointHealthAlert | resourceId | Microsoft.Network/trafficmanagerprofiles | PT5M | PT5M | ProbeAgentCurrentEndpointStateByProfileResourceId | Average | LessThan | 0.9 | Warning | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VNetG Tunnel Bandwidth Alert | resourceName-TunnelBandwidthAlert | resourceId | Microsoft.Network/virtualNetworkGateways | PT5M | PT1M | TunnelAverageBandwidth | Average | LessThan | 1 | Critical | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VNetG Tunnel Egress Alert | resourceName-TunnelEgressAlert | resourceId | Microsoft.Network/virtualNetworkGateways | PT5M | PT5M | TunnelEgressBytes | Average | LessThan | 1 | Critical | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VNetG Egress Packet Drop Count Alert | resourceName-TunnelEgressPacketDropCountAlert | resourceId | microsoft.network/virtualNetworkGateways | PT5M | PT5M | TunnelEgressPacketDropCount | Average | GreaterThan | DynamicThresholdCriterion | Informational | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VNetG Egress Packet Drop Mismatch Alert | resourceName-TunnelEgressPacketDropTSMismatchAlert | resourceId | microsoft.network/virtualNetworkGateways | PT5M | PT5M | TunnelEgressPacketDropTSMismatch | Average | GreaterThan | DynamicThresholdCriterion | Informational | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VNetG ExpressRoute Bits Per Second Alert | resourceName-GatewayERBitsAlert | resourceId | Microsoft.Network/virtualNetworkGateways | PT5M | PT1M | ExpressRouteGatewayBitsPerSecond | Average | LessThan | 1 | Critical | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VNetG ExpressRoute CPU Utilization Alert | resourceName-GatewayERCPUAlert | resourceId | Microsoft.Network/virtualNetworkGateways | PT5M | PT1M | ExpressRouteGatewayCpuUtilization | Average | GreaterThan | 80 | Error | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VNetG Tunnel Ingress Alert | resourceName-TunnelIngressAlert | resourceId | Microsoft.Network/virtualNetworkGateways | PT5M | PT5M | TunnelIngressBytes | Average | LessThan | 1 | Critical | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VNetG Ingress Packet Drop Count Alert | resourceName-TunnelIngressPacketDropCountAlert | resourceId | microsoft.network/virtualNetworkGateways | PT5M | PT5M | TunnelIngressPacketDropCount | Average | GreaterThan | DynamicThresholdCriterion | Informational | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VNetG Ingress Packet Drop Mismatch Alert | resourceName-TunnelIngressPacketDropTSMismatchAlert | resourceId | microsoft.network/virtualNetworkGateways | PT5M | PT5M | TunnelIngressPacketDropTSMismatch | Average | GreaterThan | DynamicThresholdCriterion | Informational | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VNet DDoS Attack Alert | resourceName-DDOSAttackAlert | resourceId | Microsoft.Network/virtualNetworks | PT5M | PT1M | ifunderddosattack | Maximum | GreaterThan | 0 | Error | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VPNG Bandwidth Utilization Alert | resourceName-GatewayBandwidthAlert | resourceId | microsoft.network/vpngateways | PT5M | PT1M | tunnelaveragebandwidth | Average | LessThan | 1 | Critical | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VPNG BGP Peer Status Alert | resourceName-BGPPeerStatusAlert | resourceId | microsoft.network/vpngateways | PT5M | PT1M | bgppeerstatus | Total | LessThan | 1 | Critical | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VPNG Egress Alert | resourceName-TunnelEgressAlert | resourceId | microsoft.network/vpngateways | PT5M | PT5M | tunnelegressbytes | Average | LessThan | 1 | Critical | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VPNG Egress Packet Drop Count Alert | resourceName-TunnelEgressPacketDropCountAlert | resourceId | microsoft.network/vpngateways | PT5M | PT5M | TunnelEgressPacketDropCount | Average | GreaterThan | DynamicThresholdCriterion | Informational | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VPNG Egress Packet Drop Mismatch Alert | resourceName-TunnelEgressPacketDropTSMismatchAlert | resourceId | microsoft.network/vpngateways | PT5M | PT5M | TunnelEgressPacketDropTSMismatch | Average | GreaterThan | DynamicThresholdCriterion | Informational | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VPNG Ingress Alert | resourceName-TunnelIngressAlert | resourceId | microsoft.network/vpngateways | PT5M | PT5M | tunnelingressbytes | Average | LessThan | 1 | Critical | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VPNG Ingress Packet Drop Count Alert | resourceName-TunnelIngressPacketDropCountAlert | resourceId | microsoft.network/vpngateways | PT5M | PT5M | TunnelIngressPacketDropCount | Average | GreaterThan | DynamicThresholdCriterion | Informational | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VPNG Ingress Packet Drop Mismatch Alert | resourceName-TunnelIngressPacketDropTSMismatchAlert | resourceId | microsoft.network/vpngateways | PT5M | PT5M | TunnelIngressPacketDropTSMismatch | Average | GreaterThan | DynamicThresholdCriterion | Informational | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - SA Availability Alert | resourceName-AvailabilityAlert | resourceId | Microsoft.Storage/storageAccounts | PT5M | PT5M | Availability | Average | LessThan | 90 | Error | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - App Service Plan CPU Percentage Alert | resourceName-CpuPercentage | resourceId | Microsoft.Web/serverfarms | PT5M | PT5M | CpuPercentage | Average | GreaterThan | 90 | Warning | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - App Service Plan Disk Queue Length Alert | resourceName-DiskQueueLengthAlert | resourceId | Microsoft.Web/serverfarms | PT5M | PT5M | DiskQueueLength | Average | GreaterThan | DynamicThresholdCriterion | Warning | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - App Service Plan Http Queue Length Alert | resourceName-HttpQueueLengthAlert | resourceId | Microsoft.Web/serverfarms | PT5M | PT5M | HttpQueueLength | Average | GreaterThan | DynamicThresholdCriterion | Warning | true |
| Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - App Service Plan Memory Percentage Alert | resourceName-MemoryPercentage | resourceId | Microsoft.Web/serverfarms | PT5M | PT5M | MemoryPercentage | Average | GreaterThan | 85 | Warning | true |
1 For more details on why the availability alert thresholds are lower than 100% in this solution when the product group documentation recommends 100%, see the FAQ.