machines
| Name | Type | Description |
|---|---|---|
| Hybrid Machine Available Memory Percentage | Log | Log Alert for Hybrid Machine Available Memory Percentage |
| Hybrid Machine Data Disk Free Space Percentage Alert | Log | Log Alert for Hybrid Machine Data Disk Free Space Percentage |
| Hybrid Machine Data Disk Read Latency Alert | Log | Log Alert for Hybrid Machine Data Disk Read Latency |
| Hybrid Machine Data Disk Write Latency Alert | Log | Log Alert for Hybrid Machine Data Disk Write Latency (ms) |
| Hybrid Machine Heartbeat Alert | Log | Log Alert for Hybrid Machine Heartbeat |
| Hybrid Machine Network Read Alert | Log | Log Alert for Hybrid Machine Network Read (bytes/sec) |
| Hybrid Machine Network Write Alert | Log | Log Alert for Hybrid Machine Network Write (bytes/sec) |
| Hybrid Machine OS Disk Free Space Percentage | Log | Log Alert for Hybrid Machine OS Disk Free Space Percentage |
| Hybrid Machine OS Disk Read Latency Alert | Log | Log Alert for Hybrid Machine Data OS Read Latency (ms) |
| Hybrid Machine OS Disk Write Latency (ms) | Log | Log Alert for Hybrid Machine OS Disk Write Latency (ms) |
| Hybrid Machine Processor Utilization Percentage | Log | Log Alert for Hybrid Machine Processor Utilization Percentage |
Dashboards:
Click a tab to view the dashboard template
{
"__inputs": [],
"__elements": {},
"__requires": [
{
"type": "panel",
"id": "bargauge",
"name": "Bar gauge",
"version": ""
},
{
"type": "grafana",
"id": "grafana",
"name": "Grafana",
"version": "9.5.12"
},
{
"type": "datasource",
"id": "grafana-azure-monitor-datasource",
"name": "Azure Monitor",
"version": "1.0.0"
}
],
"title": "Machines",
"editable": true,
"links": [],
"liveNow": false,
"panels": [
{
"title": "Hybrid Machine Available Memory Percentage",
"datasource": {
"type": "grafana-azure-monitor-datasource",
"uid": "${ds}"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "#808080",
"value": null
},
{
"color": "dark-red",
"value": 0
},
{
"color": "dark-green",
"value": 10
}
]
}
},
"overrides": []
},
"gridPos": {
"h": 8,
"w": 12,
"x": 0,
"y": 0
},
"id": 1,
"options": {
"displayMode": "basic",
"minVizHeight": 10,
"minVizWidth": 0,
"orientation": "horizontal",
"reduceOptions": {
"calcs": [
"lastNotNull"
],
"fields": "",
"values": true
},
"showUnfilled": true,
"valueMode": "color"
},
"pluginVersion": "9.5.12",
"targets": [
{
"azureLogAnalytics": {
"query": "InsightsMetrics | where _ResourceId has \"Microsoft.HybridCompute/machines\" | where Origin == \"vm.azm.ms\" | where Namespace == \"Memory\" and Name == \"AvailableMB\" | extend TotalMemory = toreal(todynamic(Tags)[\"vm.azm.ms/memorySizeMB\"]) | extend AvailableMemoryPercentage = (toreal(Val) / TotalMemory) * 100.0 | summarize AggregatedValue = avg(AvailableMemoryPercentage) by bin(TimeGenerated,15m), Computer, _ResourceId",
"resources": [
"/subscriptions/$sub"
]
},
"azureMonitor": {
"allowedTimeGrainsMs": [],
"timeGrain": "auto"
},
"datasource": {
"type": "grafana-azure-monitor-datasource",
"uid": "${ds}"
},
"queryType": "Azure Log Analytics",
"refId": "A"
}
],
"transformations": [
{
"id": "organize",
"options": {
"excludeByName": {
"_ResourceId": true
},
"indexByName": {},
"renameByName": {}
}
}
],
"type": "bargauge"
},
{
"title": "Hybrid Machine Data Disk Free Space Percentage Alert",
"datasource": {
"type": "grafana-azure-monitor-datasource",
"uid": "${ds}"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "#808080",
"value": null
},
{
"color": "dark-red",
"value": 0
},
{
"color": "dark-green",
"value": 10
}
]
}
},
"overrides": []
},
"gridPos": {
"h": 8,
"w": 12,
"x": 12,
"y": 0
},
"id": 2,
"options": {
"displayMode": "basic",
"minVizHeight": 10,
"minVizWidth": 0,
"orientation": "horizontal",
"reduceOptions": {
"calcs": [
"lastNotNull"
],
"fields": "",
"values": true
},
"showUnfilled": true,
"valueMode": "color"
},
"pluginVersion": "9.5.12",
"targets": [
{
"azureLogAnalytics": {
"query": "InsightsMetrics | where _ResourceId has \"Microsoft.HybridCompute/machines\" | where Origin == \"vm.azm.ms\" | where Namespace == \"LogicalDisk\"and Name == \"FreeSpacePercentage\" | extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"]) | where Disk !in (\"C:\",\"/\") | summarize AggregatedValue = avg(Val) by bin(TimeGenerated,15m), Computer,_ResourceId, Disk",
"resources": [
"/subscriptions/$sub"
]
},
"azureMonitor": {
"allowedTimeGrainsMs": [],
"timeGrain": "auto"
},
"datasource": {
"type": "grafana-azure-monitor-datasource",
"uid": "${ds}"
},
"queryType": "Azure Log Analytics",
"refId": "A"
}
],
"transformations": [
{
"id": "organize",
"options": {
"excludeByName": {
"_ResourceId": true
},
"indexByName": {},
"renameByName": {}
}
}
],
"type": "bargauge"
},
{
"title": "Hybrid Machine Data Disk Read Latency Alert",
"datasource": {
"type": "grafana-azure-monitor-datasource",
"uid": "${ds}"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "#808080",
"value": null
},
{
"color": "dark-green",
"value": 0
},
{
"color": "dark-red",
"value": 25
}
]
}
},
"overrides": []
},
"gridPos": {
"h": 8,
"w": 12,
"x": 0,
"y": 8
},
"id": 3,
"options": {
"displayMode": "basic",
"minVizHeight": 10,
"minVizWidth": 0,
"orientation": "horizontal",
"reduceOptions": {
"calcs": [
"lastNotNull"
],
"fields": "",
"values": true
},
"showUnfilled": true,
"valueMode": "color"
},
"pluginVersion": "9.5.12",
"targets": [
{
"azureLogAnalytics": {
"query": "InsightsMetrics | where _ResourceId has \"Microsoft.HybridCompute/machines\" | where Origin == \"vm.azm.ms\" | where Namespace == \"LogicalDisk\" and Name == \"ReadLatencyMs\" | extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"]) | where Disk !in (\"C:\", \"/\") | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk",
"resources": [
"/subscriptions/$sub"
]
},
"azureMonitor": {
"allowedTimeGrainsMs": [],
"timeGrain": "auto"
},
"datasource": {
"type": "grafana-azure-monitor-datasource",
"uid": "${ds}"
},
"queryType": "Azure Log Analytics",
"refId": "A"
}
],
"transformations": [
{
"id": "organize",
"options": {
"excludeByName": {
"_ResourceId": true
},
"indexByName": {},
"renameByName": {}
}
}
],
"type": "bargauge"
},
{
"title": "Hybrid Machine Data Disk Write Latency Alert",
"datasource": {
"type": "grafana-azure-monitor-datasource",
"uid": "${ds}"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "#808080",
"value": null
},
{
"color": "dark-green",
"value": 0
},
{
"color": "dark-red",
"value": 25
}
]
}
},
"overrides": []
},
"gridPos": {
"h": 8,
"w": 12,
"x": 12,
"y": 8
},
"id": 4,
"options": {
"displayMode": "basic",
"minVizHeight": 10,
"minVizWidth": 0,
"orientation": "horizontal",
"reduceOptions": {
"calcs": [
"lastNotNull"
],
"fields": "",
"values": true
},
"showUnfilled": true,
"valueMode": "color"
},
"pluginVersion": "9.5.12",
"targets": [
{
"azureLogAnalytics": {
"query": "InsightsMetrics | where _ResourceId has \"Microsoft.HybridCompute/machines\" | where Origin == \"vm.azm.ms\" | where Namespace == \"LogicalDisk\" and Name == \"WriteLatencyMs\" | extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"]) | where Disk !in (\"C:\",\"/\") | summarize AggregatedValue = avg(Val) by bin(TimeGenerated,15m), Computer, _ResourceId, Disk",
"resources": [
"/subscriptions/$sub"
]
},
"azureMonitor": {
"allowedTimeGrainsMs": [],
"timeGrain": "auto"
},
"datasource": {
"type": "grafana-azure-monitor-datasource",
"uid": "${ds}"
},
"queryType": "Azure Log Analytics",
"refId": "A"
}
],
"transformations": [
{
"id": "organize",
"options": {
"excludeByName": {
"_ResourceId": true
},
"indexByName": {},
"renameByName": {}
}
}
],
"type": "bargauge"
},
{
"title": "Hybrid Machine Heartbeat Alert",
"datasource": {
"type": "grafana-azure-monitor-datasource",
"uid": "${ds}"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "#808080",
"value": null
},
{
"color": "dark-green",
"value": 0
},
{
"color": "dark-red",
"value": 10
}
]
}
},
"overrides": []
},
"gridPos": {
"h": 8,
"w": 12,
"x": 0,
"y": 16
},
"id": 5,
"options": {
"displayMode": "basic",
"minVizHeight": 10,
"minVizWidth": 0,
"orientation": "horizontal",
"reduceOptions": {
"calcs": [
"lastNotNull"
],
"fields": "",
"values": true
},
"showUnfilled": true,
"valueMode": "color"
},
"pluginVersion": "9.5.12",
"targets": [
{
"azureLogAnalytics": {
"query": "Heartbeat | where _ResourceId has \"Microsoft.HybridCompute/machines\" | summarize TimeGenerated=max(TimeGenerated) by Computer, _ResourceId | extend Duration = datetime_diff(\"minute\",now(),TimeGenerated) | summarize AggregatedValue = min(Duration) by Computer, bin(TimeGenerated,5m), _ResourceId",
"resources": [
"/subscriptions/$sub"
]
},
"azureMonitor": {
"allowedTimeGrainsMs": [],
"timeGrain": "auto"
},
"datasource": {
"type": "grafana-azure-monitor-datasource",
"uid": "${ds}"
},
"queryType": "Azure Log Analytics",
"refId": "A"
}
],
"transformations": [
{
"id": "organize",
"options": {
"excludeByName": {
"_ResourceId": true
},
"indexByName": {},
"renameByName": {}
}
}
],
"type": "bargauge"
},
{
"title": "Hybrid Machine Network Read Alert",
"datasource": {
"type": "grafana-azure-monitor-datasource",
"uid": "${ds}"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "#808080",
"value": null
},
{
"color": "dark-green",
"value": 0
},
{
"color": "dark-red",
"value": 10000000
}
]
}
},
"overrides": []
},
"gridPos": {
"h": 8,
"w": 12,
"x": 12,
"y": 16
},
"id": 6,
"options": {
"displayMode": "basic",
"minVizHeight": 10,
"minVizWidth": 0,
"orientation": "horizontal",
"reduceOptions": {
"calcs": [
"lastNotNull"
],
"fields": "",
"values": true
},
"showUnfilled": true,
"valueMode": "color"
},
"pluginVersion": "9.5.12",
"targets": [
{
"azureLogAnalytics": {
"query": "InsightsMetrics | where _ResourceId has \"Microsoft.HybridCompute/machines\" | where Origin == \"vm.azm.ms\" | where Namespace == \"Network\" and Name == \"ReadBytesPerSecond\" | extend NetworkInterface=tostring(todynamic(Tags)[\"vm.azm.ms/networkDeviceId\"]) | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, NetworkInterface",
"resources": [
"/subscriptions/$sub"
]
},
"azureMonitor": {
"allowedTimeGrainsMs": [],
"timeGrain": "auto"
},
"datasource": {
"type": "grafana-azure-monitor-datasource",
"uid": "${ds}"
},
"queryType": "Azure Log Analytics",
"refId": "A"
}
],
"transformations": [
{
"id": "organize",
"options": {
"excludeByName": {
"_ResourceId": true
},
"indexByName": {},
"renameByName": {}
}
}
],
"type": "bargauge"
},
{
"title": "Hybrid Machine Network Write Alert",
"datasource": {
"type": "grafana-azure-monitor-datasource",
"uid": "${ds}"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "#808080",
"value": null
},
{
"color": "dark-green",
"value": 0
},
{
"color": "dark-red",
"value": 10000000
}
]
}
},
"overrides": []
},
"gridPos": {
"h": 8,
"w": 12,
"x": 0,
"y": 24
},
"id": 7,
"options": {
"displayMode": "basic",
"minVizHeight": 10,
"minVizWidth": 0,
"orientation": "horizontal",
"reduceOptions": {
"calcs": [
"lastNotNull"
],
"fields": "",
"values": true
},
"showUnfilled": true,
"valueMode": "color"
},
"pluginVersion": "9.5.12",
"targets": [
{
"azureLogAnalytics": {
"query": "InsightsMetrics | where _ResourceId has \"Microsoft.HybridCompute/machines\" | where Origin == \"vm.azm.ms\" | where Namespace == \"Network\" and Name == \"WriteBytesPerSecond\" | extend NetworkInterface=tostring(todynamic(Tags)[\"vm.azm.ms/networkDeviceId\"]) | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, NetworkInterface",
"resources": [
"/subscriptions/$sub"
]
},
"azureMonitor": {
"allowedTimeGrainsMs": [],
"timeGrain": "auto"
},
"datasource": {
"type": "grafana-azure-monitor-datasource",
"uid": "${ds}"
},
"queryType": "Azure Log Analytics",
"refId": "A"
}
],
"transformations": [
{
"id": "organize",
"options": {
"excludeByName": {
"_ResourceId": true
},
"indexByName": {},
"renameByName": {}
}
}
],
"type": "bargauge"
},
{
"title": "Hybrid Machine OS Disk Free Space Percentage",
"datasource": {
"type": "grafana-azure-monitor-datasource",
"uid": "${ds}"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "#808080",
"value": null
},
{
"color": "dark-red",
"value": 0
},
{
"color": "dark-green",
"value": 10
}
]
}
},
"overrides": []
},
"gridPos": {
"h": 8,
"w": 12,
"x": 12,
"y": 24
},
"id": 8,
"options": {
"displayMode": "basic",
"minVizHeight": 10,
"minVizWidth": 0,
"orientation": "horizontal",
"reduceOptions": {
"calcs": [
"lastNotNull"
],
"fields": "",
"values": true
},
"showUnfilled": true,
"valueMode": "color"
},
"pluginVersion": "9.5.12",
"targets": [
{
"azureLogAnalytics": {
"query": "InsightsMetrics | where _ResourceId has \"Microsoft.HybridCompute/machines\" | where Origin == \"vm.azm.ms\" | where Namespace == \"LogicalDisk\" and Name == \"FreeSpacePercentage\" | extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"]) | where Disk in (\"C:\",\"/\") | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk",
"resources": [
"/subscriptions/$sub"
]
},
"azureMonitor": {
"allowedTimeGrainsMs": [],
"timeGrain": "auto"
},
"datasource": {
"type": "grafana-azure-monitor-datasource",
"uid": "${ds}"
},
"queryType": "Azure Log Analytics",
"refId": "A"
}
],
"transformations": [
{
"id": "organize",
"options": {
"excludeByName": {
"_ResourceId": true
},
"indexByName": {},
"renameByName": {}
}
}
],
"type": "bargauge"
},
{
"title": "Hybrid Machine OS Disk Read Latency Alert",
"datasource": {
"type": "grafana-azure-monitor-datasource",
"uid": "${ds}"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "#808080",
"value": null
},
{
"color": "dark-green",
"value": 0
},
{
"color": "dark-red",
"value": 25
}
]
}
},
"overrides": []
},
"gridPos": {
"h": 8,
"w": 12,
"x": 0,
"y": 32
},
"id": 9,
"options": {
"displayMode": "basic",
"minVizHeight": 10,
"minVizWidth": 0,
"orientation": "horizontal",
"reduceOptions": {
"calcs": [
"lastNotNull"
],
"fields": "",
"values": true
},
"showUnfilled": true,
"valueMode": "color"
},
"pluginVersion": "9.5.12",
"targets": [
{
"azureLogAnalytics": {
"query": "InsightsMetrics | where _ResourceId has \"Microsoft.HybridCompute/machines\" | where Origin == \"vm.azm.ms\" | where Namespace == \"LogicalDisk\" and Name == \"ReadLatencyMs\" | extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"]) | where Disk in (\"C:\",\"/\") | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk",
"resources": [
"/subscriptions/$sub"
]
},
"azureMonitor": {
"allowedTimeGrainsMs": [],
"timeGrain": "auto"
},
"datasource": {
"type": "grafana-azure-monitor-datasource",
"uid": "${ds}"
},
"queryType": "Azure Log Analytics",
"refId": "A"
}
],
"transformations": [
{
"id": "organize",
"options": {
"excludeByName": {
"_ResourceId": true
},
"indexByName": {},
"renameByName": {}
}
}
],
"type": "bargauge"
},
{
"title": "Hybrid Machine OS Disk Write Latency (ms)",
"datasource": {
"type": "grafana-azure-monitor-datasource",
"uid": "${ds}"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "#808080",
"value": null
},
{
"color": "dark-green",
"value": 0
},
{
"color": "dark-red",
"value": 25
}
]
}
},
"overrides": []
},
"gridPos": {
"h": 8,
"w": 12,
"x": 12,
"y": 32
},
"id": 10,
"options": {
"displayMode": "basic",
"minVizHeight": 10,
"minVizWidth": 0,
"orientation": "horizontal",
"reduceOptions": {
"calcs": [
"lastNotNull"
],
"fields": "",
"values": true
},
"showUnfilled": true,
"valueMode": "color"
},
"pluginVersion": "9.5.12",
"targets": [
{
"azureLogAnalytics": {
"query": "InsightsMetrics | where _ResourceId has \"Microsoft.HybridCompute/machines\" | where Origin == \"vm.azm.ms\" | where Namespace == \"LogicalDisk\" and Name == \"WriteLatencyMs\" | extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"]) | where Disk in (\"C:\",\"/\") | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk",
"resources": [
"/subscriptions/$sub"
]
},
"azureMonitor": {
"allowedTimeGrainsMs": [],
"timeGrain": "auto"
},
"datasource": {
"type": "grafana-azure-monitor-datasource",
"uid": "${ds}"
},
"queryType": "Azure Log Analytics",
"refId": "A"
}
],
"transformations": [
{
"id": "organize",
"options": {
"excludeByName": {
"_ResourceId": true
},
"indexByName": {},
"renameByName": {}
}
}
],
"type": "bargauge"
},
{
"title": "Hybrid Machine Processor Utilization Percentage",
"datasource": {
"type": "grafana-azure-monitor-datasource",
"uid": "${ds}"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "#808080",
"value": null
},
{
"color": "dark-green",
"value": 0
},
{
"color": "dark-red",
"value": 85
}
]
}
},
"overrides": []
},
"gridPos": {
"h": 8,
"w": 12,
"x": 0,
"y": 40
},
"id": 11,
"options": {
"displayMode": "basic",
"minVizHeight": 10,
"minVizWidth": 0,
"orientation": "horizontal",
"reduceOptions": {
"calcs": [
"lastNotNull"
],
"fields": "",
"values": true
},
"showUnfilled": true,
"valueMode": "color"
},
"pluginVersion": "9.5.12",
"targets": [
{
"azureLogAnalytics": {
"query": "InsightsMetrics | where _ResourceId has \"Microsoft.HybridCompute/machines\" | where Origin == \"vm.azm.ms\" | where Namespace == \"Processor\" and Name == \"UtilizationPercentage\" | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId",
"resources": [
"/subscriptions/$sub"
]
},
"azureMonitor": {
"allowedTimeGrainsMs": [],
"timeGrain": "auto"
},
"datasource": {
"type": "grafana-azure-monitor-datasource",
"uid": "${ds}"
},
"queryType": "Azure Log Analytics",
"refId": "A"
}
],
"transformations": [
{
"id": "organize",
"options": {
"excludeByName": {
"_ResourceId": true
},
"indexByName": {},
"renameByName": {}
}
}
],
"type": "bargauge"
}
],
"refresh": "",
"schemaVersion": 38,
"style": "dark",
"tags": [],
"templating": {
"list": [
{
"current": {},
"hide": 0,
"includeAll": false,
"label": "Datasource",
"multi": false,
"name": "ds",
"options": [],
"query": "grafana-azure-monitor-datasource",
"queryValue": "",
"refresh": 1,
"regex": "",
"skipUrlSync": false,
"type": "datasource"
},
{
"current": {},
"datasource": {
"type": "grafana-azure-monitor-datasource",
"uid": "${ds}"
},
"definition": "",
"hide": 0,
"includeAll": false,
"label": "Subscription",
"multi": false,
"name": "sub",
"options": [],
"query": {
"azureLogAnalytics": {
"query": "",
"resources": []
},
"queryType": "Azure Subscriptions",
"refId": "A"
},
"refresh": 1,
"regex": "",
"skipUrlSync": false,
"sort": 0,
"type": "query"
}
]
},
"time": {
"from": "now-6h",
"to": "now"
},
"timepicker": {},
"timezone": "",
"version": null
}Hybrid Machine Available Memory Percentage - Log Alert
Log Alert for Hybrid Machine Available Memory Percentage
Properties:
| autoMitigate | true |
| autoResolve | true |
| autoResolveTime | 0:10:00 |
| dimensions | |
| evaluationFrequency | PT5M |
| failingPeriods | |
| metricMeasureColumn | AggregatedValue |
| operator | LessThan |
| query | |
| resouceIdColumn | _ResourceId |
| severity | 2 |
| threshold | 10 |
| timeAggregation | Average |
| windowSize | PT15M |
References:
Templates:
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"alertName": {
"type": "string",
"minLength": 1,
"metadata": {
"description": "Name of the alert"
}
},
"alertDescription": {
"type": "string",
"defaultValue": "Log Alert for Hybrid Machine Available Memory Percentage",
"metadata": {
"description": "Description of alert"
}
},
"isEnabled": {
"type": "bool",
"defaultValue": true,
"metadata": {
"description": "Specifies whether the alert is enabled"
}
},
"checkWorkspaceAlertsStorageConfigured": {
"type": "bool",
"defaultValue": false,
"metadata": {
"description": "Specifies whether to check linked storage and fail creation if the storage was not found"
}
},
"resourceId": {
"type": "string",
"minLength": 1,
"metadata": {
"description": "Full Resource ID of the resource emitting the metric that will be used for the comparison. For example /subscriptions/00000000-0000-0000-0000-0000-00000000/resourceGroups/ResourceGroupName/providers/Microsoft.compute/virtualMachines/VM_xyz"
}
},
"muteActionsDuration": {
"type": "string",
"allowedValues": [
"PT1M",
"PT5M",
"PT15M",
"PT30M",
"PT1H",
"PT6H",
"PT12H",
"PT24H"
],
"metadata": {
"description": "Mute actions for the chosen period of time (in ISO 8601 duration format) after the alert is fired."
}
},
"alertSeverity": {
"type": "int",
"defaultValue": 2,
"allowedValues": [
0,
1,
2,
3,
4
],
"metadata": {
"description": "Severity of alert {0,1,2,3,4}"
}
},
"autoMitigate": {
"type": "bool",
"defaultValue": true,
"metadata": {
"description": "Specifies whether the alert will automatically resolve"
}
},
"query": {
"type": "string",
"minLength": 1,
"defaultValue": "InsightsMetrics | where _ResourceId has \"Microsoft.HybridCompute/machines\" | where Origin == \"vm.azm.ms\" | where Namespace == \"Memory\" and Name == \"AvailableMB\" | extend TotalMemory = toreal(todynamic(Tags)[\"vm.azm.ms/memorySizeMB\"]) | extend AvailableMemoryPercentage = (toreal(Val) / TotalMemory) * 100.0 | summarize AggregatedValue = avg(AvailableMemoryPercentage) by bin(TimeGenerated,15m), Computer, _ResourceId",
"metadata": {
"description": "Name of the metric used in the comparison to activate the alert."
}
},
"metricMeasureColumn": {
"type": "string",
"defaultValue": "AggregatedValue",
"metadata": {
"description": "Name of the measure column used in the alert evaluation."
}
},
"resourceIdColumn": {
"type": "string",
"defaultValue": "_ResourceId",
"metadata": {
"description": "Name of the resource ID column used in the alert targeting the alerts."
}
},
"operator": {
"type": "string",
"defaultValue": "LessThan",
"allowedValues": [
"Equals",
"GreaterThan",
"GreaterThanOrEqual",
"LessThan",
"LessThanOrEqual"
],
"metadata": {
"description": "Operator comparing the current value with the threshold value."
}
},
"threshold": {
"type": "string",
"defaultValue": "10",
"metadata": {
"description": "The threshold value at which the alert is activated."
}
},
"numberOfEvaluationPeriods": {
"type": "int",
"defaultValue": 1,
"metadata": {
"description": "The number of periods to check in the alert evaluation."
}
},
"minFailingPeriodsToAlert": {
"type": "int",
"defaultValue": 1,
"metadata": {
"description": "The number of unhealthy periods to alert on (must be lower or equal to numberOfEvaluationPeriods)."
}
},
"timeAggregation": {
"type": "string",
"defaultValue": "Average",
"allowedValues": [
"Average",
"Minimum",
"Maximum",
"Total",
"Count"
],
"metadata": {
"description": "How the data that is collected should be combined over time."
}
},
"windowSize": {
"type": "string",
"defaultValue": "PT15M",
"allowedValues": [
"PT1M",
"PT5M",
"PT15M",
"PT30M",
"PT1H",
"PT6H",
"PT12H",
"PT24H",
"PT1D"
],
"metadata": {
"description": "Period of time used to monitor alert activity based on the threshold. Must be between one minute and one day. ISO 8601 duration format."
}
},
"evaluationFrequency": {
"type": "string",
"defaultValue": "PT5M",
"allowedValues": [
"PT5M",
"PT15M",
"PT30M",
"PT1H"
],
"metadata": {
"description": "how often the metric alert is evaluated represented in ISO 8601 duration format"
}
},
"currentDateTimeUtcNow": {
"type": "string",
"defaultValue": "[utcNow()]",
"metadata": {
"description": "The current date and time using the utcNow function. Used for deployment name uniqueness"
}
},
"telemetryOptOut": {
"type": "string",
"defaultValue": "No",
"allowedValues": [
"Yes",
"No"
],
"metadata": {
"description": "The customer usage identifier used for telemetry purposes. The default value of False enables telemetry. The value of True disables telemetry."
}
}
},
"variables": {
"pidDeploymentName": "[take(concat('pid-8bb7cf8a-bcf7-4264-abcb-703ace2fc84d-', uniqueString(resourceGroup().id, parameters('alertName'), parameters('currentDateTimeUtcNow'))), 64)]"
},
"resources": [
{
"type": "Microsoft.Insights/scheduledQueryRules",
"apiVersion": "2021-08-01",
"name": "[parameters('alertName')]",
"location": "[resourceGroup().location]",
"tags": {
"_deployed_by_amba": true
},
"properties": {
"description": "[parameters('alertDescription')]",
"severity": "[parameters('alertSeverity')]",
"enabled": "[parameters('isEnabled')]",
"scopes": [
"[parameters('resourceId')]"
],
"evaluationFrequency": "[parameters('evaluationFrequency')]",
"windowSize": "[parameters('windowSize')]",
"criteria": {
"allOf": [
{
"query": "[parameters('query')]",
"metricMeasureColumn": "[parameters('metricMeasureColumn')]",
"resourceIdColumn": "[parameters('resourceIdColumn')]",
"dimensions": [{"name": "Computer", "operator": "Include", "values": ["*"]}],
"operator": "[parameters('operator')]",
"threshold": "[parameters('threshold')]",
"timeAggregation": "[parameters('timeAggregation')]",
"failingPeriods": {
"numberOfEvaluationPeriods": "[parameters('numberOfEvaluationPeriods')]",
"minFailingPeriodsToAlert": "[parameters('minFailingPeriodsToAlert')]"
}
}
]
},
"muteActionsDuration": "[parameters('muteActionsDuration')]",
"autoMitigate": "[parameters('autoMitigate')]",
"checkWorkspaceAlertsStorageConfigured": "[parameters('checkWorkspaceAlertsStorageConfigured')]"
}
},
{
"condition": "[equals(parameters('telemetryOptOut'), 'No')]",
"apiVersion": "2023-07-01",
"name": "[variables('pidDeploymentName')]",
"type": "Microsoft.Resources/deployments",
"properties": {
"mode": "Incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"resources": []
}
}
}
]
}
@description('Name of the alert')
@minLength(1)
param alertName string
@description('Description of alert')
param alertDescription string = 'Log Alert for Hybrid Machine Available Memory Percentage'
@description('Specifies whether the alert is enabled')
param isEnabled bool = true
@description('Specifies whether to check linked storage and fail creation if the storage was not found')
param checkWorkspaceAlertsStorageConfigured bool = false
@description('Full Resource ID of the resource emitting the metric that will be used for the comparison. For example /subscriptions/00000000-0000-0000-0000-0000-00000000/resourceGroups/ResourceGroupName/providers/Microsoft.compute/virtualMachines/VM_xyz')
@minLength(1)
param resourceId string
@description('Mute actions for the chosen period of time (in ISO 8601 duration format) after the alert is fired.')
@allowed([
'PT1M'
'PT5M'
'PT15M'
'PT30M'
'PT1H'
'PT6H'
'PT12H'
'PT24H'
])
param muteActionsDuration string
@description('Severity of alert {0,1,2,3,4}')
@allowed([
0
1
2
3
4
])
param alertSeverity int = 2
@description('Specifies whether the alert will automatically resolve')
param autoMitigate bool = true
@description('Name of the metric used in the comparison to activate the alert.')
@minLength(1)
param query string = 'InsightsMetrics | where _ResourceId has "Microsoft.HybridCompute/machines" | where Origin == "vm.azm.ms" | where Namespace == "Memory" and Name == "AvailableMB" | extend TotalMemory = toreal(todynamic(Tags)["vm.azm.ms/memorySizeMB"]) | extend AvailableMemoryPercentage = (toreal(Val) / TotalMemory) * 100.0 | summarize AggregatedValue = avg(AvailableMemoryPercentage) by bin(TimeGenerated,15m), Computer, _ResourceId'
@description('Name of the measure column used in the alert evaluation.')
param metricMeasureColumn string = 'AggregatedValue'
@description('Name of the resource ID column used in the alert targeting the alerts.')
param resourceIdColumn string = '_ResourceId'
@description('Operator comparing the current value with the threshold value.')
@allowed([
'Equals'
'GreaterThan'
'GreaterThanOrEqual'
'LessThan'
'LessThanOrEqual'
])
param operator string = 'LessThan'
@description('The threshold value at which the alert is activated.')
param threshold int = 10
@description('The number of periods to check in the alert evaluation.')
param numberOfEvaluationPeriods int = 1
@description('The number of unhealthy periods to alert on (must be lower or equal to numberOfEvaluationPeriods).')
param minFailingPeriodsToAlert int = 1
@description('How the data that is collected should be combined over time.')
@allowed([
'Average'
'Minimum'
'Maximum'
'Total'
'Count'
])
param timeAggregation string = 'Average'
@description('Period of time used to monitor alert activity based on the threshold. Must be between one minute and one day. ISO 8601 duration format.')
@allowed([
'PT1M'
'PT5M'
'PT15M'
'PT30M'
'PT1H'
'PT6H'
'PT12H'
'PT24H'
'P1D'
])
param windowSize string = 'PT15M'
@description('how often the metric alert is evaluated represented in ISO 8601 duration format')
@allowed([
'PT5M'
'PT15M'
'PT30M'
'PT1H'
])
param evaluationFrequency string = 'PT5M'
@description('"The current date and time using the utcNow function. Used for deployment name uniqueness')
param currentDateTimeUtcNow string = utcNow()
@description('The customer usage identifier used for telemetry purposes. The default value of False enables telemetry. The value of True disables telemetry.')
@allowed([
'Yes'
'No'
])
param telemetryOptOut string = 'No'
resource alert 'Microsoft.Insights/scheduledQueryRules@2021-08-01' = {
name: alertName
location: resourceGroup().location
tags: {
_deployed_by_amba: 'true'
}
properties: {
description: alertDescription
severity: alertSeverity
enabled: isEnabled
scopes: [
resourceId
]
evaluationFrequency: evaluationFrequency
windowSize: windowSize
criteria: {
allOf: [
{
query: query
metricMeasureColumn: metricMeasureColumn
resourceIdColumn: resourceIdColumn
dimensions: [
{
name: 'Computer'
operator: 'Include'
values: ['*']
}]
operator: operator
threshold: threshold
timeAggregation: timeAggregation
failingPeriods: {
numberOfEvaluationPeriods: numberOfEvaluationPeriods
minFailingPeriodsToAlert: minFailingPeriodsToAlert
}
}
]
}
muteActionsDuration: muteActionsDuration
autoMitigate: autoMitigate
checkWorkspaceAlertsStorageConfigured: checkWorkspaceAlertsStorageConfigured
}
}
var ambaTelemetryPidName = 'pid-8bb7cf8a-bcf7-4264-abcb-703ace2fc84d-${uniqueString(resourceGroup().id, alertName, currentDateTimeUtcNow)}'
resource ambaTelemetryPid 'Microsoft.Resources/deployments@2023-07-01' = if (telemetryOptOut == 'No') {
name: ambaTelemetryPidName
tags: {
_deployed_by_amba: 'true'
}
properties: {
mode: 'Incremental'
template: {
'$schema': 'https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#'
contentVersion: '1.0.0.0'
resources: []
}
}
}
Hybrid Machine Data Disk Free Space Percentage Alert - Log Alert
Log Alert for Hybrid Machine Data Disk Free Space Percentage
Properties:
| autoMitigate | true |
| autoResolve | true |
| autoResolveTime | 0:10:00 |
| dimensions | |
| evaluationFrequency | PT5M |
| failingPeriods | |
| metricMeasureColumn | AggregatedValue |
| operator | LessThan |
| query | |
| resouceIdColumn | _ResourceId |
| severity | 2 |
| threshold | 10 |
| timeAggregation | Average |
| windowSize | PT15M |
References:
Templates:
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"alertName": {
"type": "string",
"minLength": 1,
"metadata": {
"description": "Name of the alert"
}
},
"alertDescription": {
"type": "string",
"defaultValue": "Log Alert for Hybrid Machine Data Disk Free Space Percentage",
"metadata": {
"description": "Description of alert"
}
},
"isEnabled": {
"type": "bool",
"defaultValue": true,
"metadata": {
"description": "Specifies whether the alert is enabled"
}
},
"checkWorkspaceAlertsStorageConfigured": {
"type": "bool",
"defaultValue": false,
"metadata": {
"description": "Specifies whether to check linked storage and fail creation if the storage was not found"
}
},
"resourceId": {
"type": "string",
"minLength": 1,
"metadata": {
"description": "Full Resource ID of the resource emitting the metric that will be used for the comparison. For example /subscriptions/00000000-0000-0000-0000-0000-00000000/resourceGroups/ResourceGroupName/providers/Microsoft.compute/virtualMachines/VM_xyz"
}
},
"muteActionsDuration": {
"type": "string",
"allowedValues": [
"PT1M",
"PT5M",
"PT15M",
"PT30M",
"PT1H",
"PT6H",
"PT12H",
"PT24H"
],
"metadata": {
"description": "Mute actions for the chosen period of time (in ISO 8601 duration format) after the alert is fired."
}
},
"alertSeverity": {
"type": "int",
"defaultValue": 2,
"allowedValues": [
0,
1,
2,
3,
4
],
"metadata": {
"description": "Severity of alert {0,1,2,3,4}"
}
},
"autoMitigate": {
"type": "bool",
"defaultValue": true,
"metadata": {
"description": "Specifies whether the alert will automatically resolve"
}
},
"query": {
"type": "string",
"minLength": 1,
"defaultValue": "InsightsMetrics | where _ResourceId has \"Microsoft.HybridCompute/machines\" | where Origin == \"vm.azm.ms\" | where Namespace == \"LogicalDisk\"and Name == \"FreeSpacePercentage\" | extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"]) | where Disk !in (\"C:\",\"/\") | summarize AggregatedValue = avg(Val) by bin(TimeGenerated,15m), Computer,_ResourceId, Disk",
"metadata": {
"description": "Name of the metric used in the comparison to activate the alert."
}
},
"metricMeasureColumn": {
"type": "string",
"defaultValue": "AggregatedValue",
"metadata": {
"description": "Name of the measure column used in the alert evaluation."
}
},
"resourceIdColumn": {
"type": "string",
"defaultValue": "_ResourceId",
"metadata": {
"description": "Name of the resource ID column used in the alert targeting the alerts."
}
},
"operator": {
"type": "string",
"defaultValue": "LessThan",
"allowedValues": [
"Equals",
"GreaterThan",
"GreaterThanOrEqual",
"LessThan",
"LessThanOrEqual"
],
"metadata": {
"description": "Operator comparing the current value with the threshold value."
}
},
"threshold": {
"type": "string",
"defaultValue": "10",
"metadata": {
"description": "The threshold value at which the alert is activated."
}
},
"numberOfEvaluationPeriods": {
"type": "int",
"defaultValue": 1,
"metadata": {
"description": "The number of periods to check in the alert evaluation."
}
},
"minFailingPeriodsToAlert": {
"type": "int",
"defaultValue": 1,
"metadata": {
"description": "The number of unhealthy periods to alert on (must be lower or equal to numberOfEvaluationPeriods)."
}
},
"timeAggregation": {
"type": "string",
"defaultValue": "Average",
"allowedValues": [
"Average",
"Minimum",
"Maximum",
"Total",
"Count"
],
"metadata": {
"description": "How the data that is collected should be combined over time."
}
},
"windowSize": {
"type": "string",
"defaultValue": "PT15M",
"allowedValues": [
"PT1M",
"PT5M",
"PT15M",
"PT30M",
"PT1H",
"PT6H",
"PT12H",
"PT24H",
"PT1D"
],
"metadata": {
"description": "Period of time used to monitor alert activity based on the threshold. Must be between one minute and one day. ISO 8601 duration format."
}
},
"evaluationFrequency": {
"type": "string",
"defaultValue": "PT5M",
"allowedValues": [
"PT5M",
"PT15M",
"PT30M",
"PT1H"
],
"metadata": {
"description": "how often the metric alert is evaluated represented in ISO 8601 duration format"
}
},
"currentDateTimeUtcNow": {
"type": "string",
"defaultValue": "[utcNow()]",
"metadata": {
"description": "The current date and time using the utcNow function. Used for deployment name uniqueness"
}
},
"telemetryOptOut": {
"type": "string",
"defaultValue": "No",
"allowedValues": [
"Yes",
"No"
],
"metadata": {
"description": "The customer usage identifier used for telemetry purposes. The default value of False enables telemetry. The value of True disables telemetry."
}
}
},
"variables": {
"pidDeploymentName": "[take(concat('pid-8bb7cf8a-bcf7-4264-abcb-703ace2fc84d-', uniqueString(resourceGroup().id, parameters('alertName'), parameters('currentDateTimeUtcNow'))), 64)]"
},
"resources": [
{
"type": "Microsoft.Insights/scheduledQueryRules",
"apiVersion": "2021-08-01",
"name": "[parameters('alertName')]",
"location": "[resourceGroup().location]",
"tags": {
"_deployed_by_amba": true
},
"properties": {
"description": "[parameters('alertDescription')]",
"severity": "[parameters('alertSeverity')]",
"enabled": "[parameters('isEnabled')]",
"scopes": [
"[parameters('resourceId')]"
],
"evaluationFrequency": "[parameters('evaluationFrequency')]",
"windowSize": "[parameters('windowSize')]",
"criteria": {
"allOf": [
{
"query": "[parameters('query')]",
"metricMeasureColumn": "[parameters('metricMeasureColumn')]",
"resourceIdColumn": "[parameters('resourceIdColumn')]",
"dimensions": [{"name": "Computer", "operator": "Include", "values": ["*"]}, {"name": "Disk", "operator": "Include", "values": ["*"]}],
"operator": "[parameters('operator')]",
"threshold": "[parameters('threshold')]",
"timeAggregation": "[parameters('timeAggregation')]",
"failingPeriods": {
"numberOfEvaluationPeriods": "[parameters('numberOfEvaluationPeriods')]",
"minFailingPeriodsToAlert": "[parameters('minFailingPeriodsToAlert')]"
}
}
]
},
"muteActionsDuration": "[parameters('muteActionsDuration')]",
"autoMitigate": "[parameters('autoMitigate')]",
"checkWorkspaceAlertsStorageConfigured": "[parameters('checkWorkspaceAlertsStorageConfigured')]"
}
},
{
"condition": "[equals(parameters('telemetryOptOut'), 'No')]",
"apiVersion": "2023-07-01",
"name": "[variables('pidDeploymentName')]",
"type": "Microsoft.Resources/deployments",
"properties": {
"mode": "Incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"resources": []
}
}
}
]
}
@description('Name of the alert')
@minLength(1)
param alertName string
@description('Description of alert')
param alertDescription string = 'Log Alert for Hybrid Machine Data Disk Free Space Percentage'
@description('Specifies whether the alert is enabled')
param isEnabled bool = true
@description('Specifies whether to check linked storage and fail creation if the storage was not found')
param checkWorkspaceAlertsStorageConfigured bool = false
@description('Full Resource ID of the resource emitting the metric that will be used for the comparison. For example /subscriptions/00000000-0000-0000-0000-0000-00000000/resourceGroups/ResourceGroupName/providers/Microsoft.compute/virtualMachines/VM_xyz')
@minLength(1)
param resourceId string
@description('Mute actions for the chosen period of time (in ISO 8601 duration format) after the alert is fired.')
@allowed([
'PT1M'
'PT5M'
'PT15M'
'PT30M'
'PT1H'
'PT6H'
'PT12H'
'PT24H'
])
param muteActionsDuration string
@description('Severity of alert {0,1,2,3,4}')
@allowed([
0
1
2
3
4
])
param alertSeverity int = 2
@description('Specifies whether the alert will automatically resolve')
param autoMitigate bool = true
@description('Name of the metric used in the comparison to activate the alert.')
@minLength(1)
param query string = 'InsightsMetrics | where _ResourceId has "Microsoft.HybridCompute/machines" | where Origin == "vm.azm.ms" | where Namespace == "LogicalDisk"and Name == "FreeSpacePercentage" | extend Disk=tostring(todynamic(Tags)["vm.azm.ms/mountId"]) | where Disk !in ("C:","/") | summarize AggregatedValue = avg(Val) by bin(TimeGenerated,15m), Computer,_ResourceId, Disk'
@description('Name of the measure column used in the alert evaluation.')
param metricMeasureColumn string = 'AggregatedValue'
@description('Name of the resource ID column used in the alert targeting the alerts.')
param resourceIdColumn string = '_ResourceId'
@description('Operator comparing the current value with the threshold value.')
@allowed([
'Equals'
'GreaterThan'
'GreaterThanOrEqual'
'LessThan'
'LessThanOrEqual'
])
param operator string = 'LessThan'
@description('The threshold value at which the alert is activated.')
param threshold int = 10
@description('The number of periods to check in the alert evaluation.')
param numberOfEvaluationPeriods int = 1
@description('The number of unhealthy periods to alert on (must be lower or equal to numberOfEvaluationPeriods).')
param minFailingPeriodsToAlert int = 1
@description('How the data that is collected should be combined over time.')
@allowed([
'Average'
'Minimum'
'Maximum'
'Total'
'Count'
])
param timeAggregation string = 'Average'
@description('Period of time used to monitor alert activity based on the threshold. Must be between one minute and one day. ISO 8601 duration format.')
@allowed([
'PT1M'
'PT5M'
'PT15M'
'PT30M'
'PT1H'
'PT6H'
'PT12H'
'PT24H'
'P1D'
])
param windowSize string = 'PT15M'
@description('how often the metric alert is evaluated represented in ISO 8601 duration format')
@allowed([
'PT5M'
'PT15M'
'PT30M'
'PT1H'
])
param evaluationFrequency string = 'PT5M'
@description('"The current date and time using the utcNow function. Used for deployment name uniqueness')
param currentDateTimeUtcNow string = utcNow()
@description('The customer usage identifier used for telemetry purposes. The default value of False enables telemetry. The value of True disables telemetry.')
@allowed([
'Yes'
'No'
])
param telemetryOptOut string = 'No'
resource alert 'Microsoft.Insights/scheduledQueryRules@2021-08-01' = {
name: alertName
location: resourceGroup().location
tags: {
_deployed_by_amba: 'true'
}
properties: {
description: alertDescription
severity: alertSeverity
enabled: isEnabled
scopes: [
resourceId
]
evaluationFrequency: evaluationFrequency
windowSize: windowSize
criteria: {
allOf: [
{
query: query
metricMeasureColumn: metricMeasureColumn
resourceIdColumn: resourceIdColumn
dimensions: [
{
name: 'Computer'
operator: 'Include'
values: ['*']
}
{
name: 'Disk'
operator: 'Include'
values: ['*']
}]
operator: operator
threshold: threshold
timeAggregation: timeAggregation
failingPeriods: {
numberOfEvaluationPeriods: numberOfEvaluationPeriods
minFailingPeriodsToAlert: minFailingPeriodsToAlert
}
}
]
}
muteActionsDuration: muteActionsDuration
autoMitigate: autoMitigate
checkWorkspaceAlertsStorageConfigured: checkWorkspaceAlertsStorageConfigured
}
}
var ambaTelemetryPidName = 'pid-8bb7cf8a-bcf7-4264-abcb-703ace2fc84d-${uniqueString(resourceGroup().id, alertName, currentDateTimeUtcNow)}'
resource ambaTelemetryPid 'Microsoft.Resources/deployments@2023-07-01' = if (telemetryOptOut == 'No') {
name: ambaTelemetryPidName
tags: {
_deployed_by_amba: 'true'
}
properties: {
mode: 'Incremental'
template: {
'$schema': 'https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#'
contentVersion: '1.0.0.0'
resources: []
}
}
}
Hybrid Machine Data Disk Read Latency Alert - Log Alert
Log Alert for Hybrid Machine Data Disk Read Latency
Properties:
| autoMitigate | true |
| autoResolve | true |
| autoResolveTime | 0:10:00 |
| dimensions | |
| evaluationFrequency | PT5M |
| failingPeriods | |
| metricMeasureColumn | AggregatedValue |
| operator | GreaterThan |
| query | |
| resouceIdColumn | _ResourceId |
| severity | 2 |
| threshold | 25 |
| timeAggregation | Average |
| windowSize | PT15M |
References:
Templates:
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"alertName": {
"type": "string",
"minLength": 1,
"metadata": {
"description": "Name of the alert"
}
},
"alertDescription": {
"type": "string",
"defaultValue": "Log Alert for Hybrid Machine Data Disk Read Latency",
"metadata": {
"description": "Description of alert"
}
},
"isEnabled": {
"type": "bool",
"defaultValue": true,
"metadata": {
"description": "Specifies whether the alert is enabled"
}
},
"checkWorkspaceAlertsStorageConfigured": {
"type": "bool",
"defaultValue": false,
"metadata": {
"description": "Specifies whether to check linked storage and fail creation if the storage was not found"
}
},
"resourceId": {
"type": "string",
"minLength": 1,
"metadata": {
"description": "Full Resource ID of the resource emitting the metric that will be used for the comparison. For example /subscriptions/00000000-0000-0000-0000-0000-00000000/resourceGroups/ResourceGroupName/providers/Microsoft.compute/virtualMachines/VM_xyz"
}
},
"muteActionsDuration": {
"type": "string",
"allowedValues": [
"PT1M",
"PT5M",
"PT15M",
"PT30M",
"PT1H",
"PT6H",
"PT12H",
"PT24H"
],
"metadata": {
"description": "Mute actions for the chosen period of time (in ISO 8601 duration format) after the alert is fired."
}
},
"alertSeverity": {
"type": "int",
"defaultValue": 2,
"allowedValues": [
0,
1,
2,
3,
4
],
"metadata": {
"description": "Severity of alert {0,1,2,3,4}"
}
},
"autoMitigate": {
"type": "bool",
"defaultValue": true,
"metadata": {
"description": "Specifies whether the alert will automatically resolve"
}
},
"query": {
"type": "string",
"minLength": 1,
"defaultValue": "InsightsMetrics | where _ResourceId has \"Microsoft.HybridCompute/machines\" | where Origin == \"vm.azm.ms\" | where Namespace == \"LogicalDisk\" and Name == \"ReadLatencyMs\" | extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"]) | where Disk !in (\"C:\", \"/\") | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk",
"metadata": {
"description": "Name of the metric used in the comparison to activate the alert."
}
},
"metricMeasureColumn": {
"type": "string",
"defaultValue": "AggregatedValue",
"metadata": {
"description": "Name of the measure column used in the alert evaluation."
}
},
"resourceIdColumn": {
"type": "string",
"defaultValue": "_ResourceId",
"metadata": {
"description": "Name of the resource ID column used in the alert targeting the alerts."
}
},
"operator": {
"type": "string",
"defaultValue": "GreaterThan",
"allowedValues": [
"Equals",
"GreaterThan",
"GreaterThanOrEqual",
"LessThan",
"LessThanOrEqual"
],
"metadata": {
"description": "Operator comparing the current value with the threshold value."
}
},
"threshold": {
"type": "string",
"defaultValue": "25",
"metadata": {
"description": "The threshold value at which the alert is activated."
}
},
"numberOfEvaluationPeriods": {
"type": "int",
"defaultValue": 1,
"metadata": {
"description": "The number of periods to check in the alert evaluation."
}
},
"minFailingPeriodsToAlert": {
"type": "int",
"defaultValue": 1,
"metadata": {
"description": "The number of unhealthy periods to alert on (must be lower or equal to numberOfEvaluationPeriods)."
}
},
"timeAggregation": {
"type": "string",
"defaultValue": "Average",
"allowedValues": [
"Average",
"Minimum",
"Maximum",
"Total",
"Count"
],
"metadata": {
"description": "How the data that is collected should be combined over time."
}
},
"windowSize": {
"type": "string",
"defaultValue": "PT15M",
"allowedValues": [
"PT1M",
"PT5M",
"PT15M",
"PT30M",
"PT1H",
"PT6H",
"PT12H",
"PT24H",
"PT1D"
],
"metadata": {
"description": "Period of time used to monitor alert activity based on the threshold. Must be between one minute and one day. ISO 8601 duration format."
}
},
"evaluationFrequency": {
"type": "string",
"defaultValue": "PT5M",
"allowedValues": [
"PT5M",
"PT15M",
"PT30M",
"PT1H"
],
"metadata": {
"description": "how often the metric alert is evaluated represented in ISO 8601 duration format"
}
},
"currentDateTimeUtcNow": {
"type": "string",
"defaultValue": "[utcNow()]",
"metadata": {
"description": "The current date and time using the utcNow function. Used for deployment name uniqueness"
}
},
"telemetryOptOut": {
"type": "string",
"defaultValue": "No",
"allowedValues": [
"Yes",
"No"
],
"metadata": {
"description": "The customer usage identifier used for telemetry purposes. The default value of False enables telemetry. The value of True disables telemetry."
}
}
},
"variables": {
"pidDeploymentName": "[take(concat('pid-8bb7cf8a-bcf7-4264-abcb-703ace2fc84d-', uniqueString(resourceGroup().id, parameters('alertName'), parameters('currentDateTimeUtcNow'))), 64)]"
},
"resources": [
{
"type": "Microsoft.Insights/scheduledQueryRules",
"apiVersion": "2021-08-01",
"name": "[parameters('alertName')]",
"location": "[resourceGroup().location]",
"tags": {
"_deployed_by_amba": true
},
"properties": {
"description": "[parameters('alertDescription')]",
"severity": "[parameters('alertSeverity')]",
"enabled": "[parameters('isEnabled')]",
"scopes": [
"[parameters('resourceId')]"
],
"evaluationFrequency": "[parameters('evaluationFrequency')]",
"windowSize": "[parameters('windowSize')]",
"criteria": {
"allOf": [
{
"query": "[parameters('query')]",
"metricMeasureColumn": "[parameters('metricMeasureColumn')]",
"resourceIdColumn": "[parameters('resourceIdColumn')]",
"dimensions": [{"name": "Computer", "operator": "Include", "values": ["*"]}, {"name": "Disk", "operator": "Include", "values": ["*"]}],
"operator": "[parameters('operator')]",
"threshold": "[parameters('threshold')]",
"timeAggregation": "[parameters('timeAggregation')]",
"failingPeriods": {
"numberOfEvaluationPeriods": "[parameters('numberOfEvaluationPeriods')]",
"minFailingPeriodsToAlert": "[parameters('minFailingPeriodsToAlert')]"
}
}
]
},
"muteActionsDuration": "[parameters('muteActionsDuration')]",
"autoMitigate": "[parameters('autoMitigate')]",
"checkWorkspaceAlertsStorageConfigured": "[parameters('checkWorkspaceAlertsStorageConfigured')]"
}
},
{
"condition": "[equals(parameters('telemetryOptOut'), 'No')]",
"apiVersion": "2023-07-01",
"name": "[variables('pidDeploymentName')]",
"type": "Microsoft.Resources/deployments",
"properties": {
"mode": "Incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"resources": []
}
}
}
]
}
@description('Name of the alert')
@minLength(1)
param alertName string
@description('Description of alert')
param alertDescription string = 'Log Alert for Hybrid Machine Data Disk Read Latency'
@description('Specifies whether the alert is enabled')
param isEnabled bool = true
@description('Specifies whether to check linked storage and fail creation if the storage was not found')
param checkWorkspaceAlertsStorageConfigured bool = false
@description('Full Resource ID of the resource emitting the metric that will be used for the comparison. For example /subscriptions/00000000-0000-0000-0000-0000-00000000/resourceGroups/ResourceGroupName/providers/Microsoft.compute/virtualMachines/VM_xyz')
@minLength(1)
param resourceId string
@description('Mute actions for the chosen period of time (in ISO 8601 duration format) after the alert is fired.')
@allowed([
'PT1M'
'PT5M'
'PT15M'
'PT30M'
'PT1H'
'PT6H'
'PT12H'
'PT24H'
])
param muteActionsDuration string
@description('Severity of alert {0,1,2,3,4}')
@allowed([
0
1
2
3
4
])
param alertSeverity int = 2
@description('Specifies whether the alert will automatically resolve')
param autoMitigate bool = true
@description('Name of the metric used in the comparison to activate the alert.')
@minLength(1)
param query string = 'InsightsMetrics | where _ResourceId has "Microsoft.HybridCompute/machines" | where Origin == "vm.azm.ms" | where Namespace == "LogicalDisk" and Name == "ReadLatencyMs" | extend Disk=tostring(todynamic(Tags)["vm.azm.ms/mountId"]) | where Disk !in ("C:", "/") | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk'
@description('Name of the measure column used in the alert evaluation.')
param metricMeasureColumn string = 'AggregatedValue'
@description('Name of the resource ID column used in the alert targeting the alerts.')
param resourceIdColumn string = '_ResourceId'
@description('Operator comparing the current value with the threshold value.')
@allowed([
'Equals'
'GreaterThan'
'GreaterThanOrEqual'
'LessThan'
'LessThanOrEqual'
])
param operator string = 'GreaterThan'
@description('The threshold value at which the alert is activated.')
param threshold int = 25
@description('The number of periods to check in the alert evaluation.')
param numberOfEvaluationPeriods int = 1
@description('The number of unhealthy periods to alert on (must be lower or equal to numberOfEvaluationPeriods).')
param minFailingPeriodsToAlert int = 1
@description('How the data that is collected should be combined over time.')
@allowed([
'Average'
'Minimum'
'Maximum'
'Total'
'Count'
])
param timeAggregation string = 'Average'
@description('Period of time used to monitor alert activity based on the threshold. Must be between one minute and one day. ISO 8601 duration format.')
@allowed([
'PT1M'
'PT5M'
'PT15M'
'PT30M'
'PT1H'
'PT6H'
'PT12H'
'PT24H'
'P1D'
])
param windowSize string = 'PT15M'
@description('how often the metric alert is evaluated represented in ISO 8601 duration format')
@allowed([
'PT5M'
'PT15M'
'PT30M'
'PT1H'
])
param evaluationFrequency string = 'PT5M'
@description('"The current date and time using the utcNow function. Used for deployment name uniqueness')
param currentDateTimeUtcNow string = utcNow()
@description('The customer usage identifier used for telemetry purposes. The default value of False enables telemetry. The value of True disables telemetry.')
@allowed([
'Yes'
'No'
])
param telemetryOptOut string = 'No'
resource alert 'Microsoft.Insights/scheduledQueryRules@2021-08-01' = {
name: alertName
location: resourceGroup().location
tags: {
_deployed_by_amba: 'true'
}
properties: {
description: alertDescription
severity: alertSeverity
enabled: isEnabled
scopes: [
resourceId
]
evaluationFrequency: evaluationFrequency
windowSize: windowSize
criteria: {
allOf: [
{
query: query
metricMeasureColumn: metricMeasureColumn
resourceIdColumn: resourceIdColumn
dimensions: [
{
name: 'Computer'
operator: 'Include'
values: ['*']
}
{
name: 'Disk'
operator: 'Include'
values: ['*']
}]
operator: operator
threshold: threshold
timeAggregation: timeAggregation
failingPeriods: {
numberOfEvaluationPeriods: numberOfEvaluationPeriods
minFailingPeriodsToAlert: minFailingPeriodsToAlert
}
}
]
}
muteActionsDuration: muteActionsDuration
autoMitigate: autoMitigate
checkWorkspaceAlertsStorageConfigured: checkWorkspaceAlertsStorageConfigured
}
}
var ambaTelemetryPidName = 'pid-8bb7cf8a-bcf7-4264-abcb-703ace2fc84d-${uniqueString(resourceGroup().id, alertName, currentDateTimeUtcNow)}'
resource ambaTelemetryPid 'Microsoft.Resources/deployments@2023-07-01' = if (telemetryOptOut == 'No') {
name: ambaTelemetryPidName
tags: {
_deployed_by_amba: 'true'
}
properties: {
mode: 'Incremental'
template: {
'$schema': 'https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#'
contentVersion: '1.0.0.0'
resources: []
}
}
}
Hybrid Machine Data Disk Write Latency Alert - Log Alert
Log Alert for Hybrid Machine Data Disk Write Latency (ms)
Properties:
| autoMitigate | true |
| autoResolve | true |
| autoResolveTime | 0:10:00 |
| dimensions | |
| evaluationFrequency | PT5M |
| failingPeriods | |
| metricMeasureColumn | AggregatedValue |
| operator | GreaterThan |
| query | |
| resouceIdColumn | _ResourceId |
| severity | 2 |
| threshold | 25 |
| timeAggregation | Average |
| windowSize | PT15M |
References:
Templates:
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"alertName": {
"type": "string",
"minLength": 1,
"metadata": {
"description": "Name of the alert"
}
},
"alertDescription": {
"type": "string",
"defaultValue": "Log Alert for Hybrid Machine Data Disk Write Latency (ms)",
"metadata": {
"description": "Description of alert"
}
},
"isEnabled": {
"type": "bool",
"defaultValue": true,
"metadata": {
"description": "Specifies whether the alert is enabled"
}
},
"checkWorkspaceAlertsStorageConfigured": {
"type": "bool",
"defaultValue": false,
"metadata": {
"description": "Specifies whether to check linked storage and fail creation if the storage was not found"
}
},
"resourceId": {
"type": "string",
"minLength": 1,
"metadata": {
"description": "Full Resource ID of the resource emitting the metric that will be used for the comparison. For example /subscriptions/00000000-0000-0000-0000-0000-00000000/resourceGroups/ResourceGroupName/providers/Microsoft.compute/virtualMachines/VM_xyz"
}
},
"muteActionsDuration": {
"type": "string",
"allowedValues": [
"PT1M",
"PT5M",
"PT15M",
"PT30M",
"PT1H",
"PT6H",
"PT12H",
"PT24H"
],
"metadata": {
"description": "Mute actions for the chosen period of time (in ISO 8601 duration format) after the alert is fired."
}
},
"alertSeverity": {
"type": "int",
"defaultValue": 2,
"allowedValues": [
0,
1,
2,
3,
4
],
"metadata": {
"description": "Severity of alert {0,1,2,3,4}"
}
},
"autoMitigate": {
"type": "bool",
"defaultValue": true,
"metadata": {
"description": "Specifies whether the alert will automatically resolve"
}
},
"query": {
"type": "string",
"minLength": 1,
"defaultValue": "InsightsMetrics | where _ResourceId has \"Microsoft.HybridCompute/machines\" | where Origin == \"vm.azm.ms\" | where Namespace == \"LogicalDisk\" and Name == \"WriteLatencyMs\" | extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"]) | where Disk !in (\"C:\",\"/\") | summarize AggregatedValue = avg(Val) by bin(TimeGenerated,15m), Computer, _ResourceId, Disk",
"metadata": {
"description": "Name of the metric used in the comparison to activate the alert."
}
},
"metricMeasureColumn": {
"type": "string",
"defaultValue": "AggregatedValue",
"metadata": {
"description": "Name of the measure column used in the alert evaluation."
}
},
"resourceIdColumn": {
"type": "string",
"defaultValue": "_ResourceId",
"metadata": {
"description": "Name of the resource ID column used in the alert targeting the alerts."
}
},
"operator": {
"type": "string",
"defaultValue": "GreaterThan",
"allowedValues": [
"Equals",
"GreaterThan",
"GreaterThanOrEqual",
"LessThan",
"LessThanOrEqual"
],
"metadata": {
"description": "Operator comparing the current value with the threshold value."
}
},
"threshold": {
"type": "string",
"defaultValue": "25",
"metadata": {
"description": "The threshold value at which the alert is activated."
}
},
"numberOfEvaluationPeriods": {
"type": "int",
"defaultValue": 1,
"metadata": {
"description": "The number of periods to check in the alert evaluation."
}
},
"minFailingPeriodsToAlert": {
"type": "int",
"defaultValue": 1,
"metadata": {
"description": "The number of unhealthy periods to alert on (must be lower or equal to numberOfEvaluationPeriods)."
}
},
"timeAggregation": {
"type": "string",
"defaultValue": "Average",
"allowedValues": [
"Average",
"Minimum",
"Maximum",
"Total",
"Count"
],
"metadata": {
"description": "How the data that is collected should be combined over time."
}
},
"windowSize": {
"type": "string",
"defaultValue": "PT15M",
"allowedValues": [
"PT1M",
"PT5M",
"PT15M",
"PT30M",
"PT1H",
"PT6H",
"PT12H",
"PT24H",
"PT1D"
],
"metadata": {
"description": "Period of time used to monitor alert activity based on the threshold. Must be between one minute and one day. ISO 8601 duration format."
}
},
"evaluationFrequency": {
"type": "string",
"defaultValue": "PT5M",
"allowedValues": [
"PT5M",
"PT15M",
"PT30M",
"PT1H"
],
"metadata": {
"description": "how often the metric alert is evaluated represented in ISO 8601 duration format"
}
},
"currentDateTimeUtcNow": {
"type": "string",
"defaultValue": "[utcNow()]",
"metadata": {
"description": "The current date and time using the utcNow function. Used for deployment name uniqueness"
}
},
"telemetryOptOut": {
"type": "string",
"defaultValue": "No",
"allowedValues": [
"Yes",
"No"
],
"metadata": {
"description": "The customer usage identifier used for telemetry purposes. The default value of False enables telemetry. The value of True disables telemetry."
}
}
},
"variables": {
"pidDeploymentName": "[take(concat('pid-8bb7cf8a-bcf7-4264-abcb-703ace2fc84d-', uniqueString(resourceGroup().id, parameters('alertName'), parameters('currentDateTimeUtcNow'))), 64)]"
},
"resources": [
{
"type": "Microsoft.Insights/scheduledQueryRules",
"apiVersion": "2021-08-01",
"name": "[parameters('alertName')]",
"location": "[resourceGroup().location]",
"tags": {
"_deployed_by_amba": true
},
"properties": {
"description": "[parameters('alertDescription')]",
"severity": "[parameters('alertSeverity')]",
"enabled": "[parameters('isEnabled')]",
"scopes": [
"[parameters('resourceId')]"
],
"evaluationFrequency": "[parameters('evaluationFrequency')]",
"windowSize": "[parameters('windowSize')]",
"criteria": {
"allOf": [
{
"query": "[parameters('query')]",
"metricMeasureColumn": "[parameters('metricMeasureColumn')]",
"resourceIdColumn": "[parameters('resourceIdColumn')]",
"dimensions": [{"name": "Computer", "operator": "Include", "values": ["*"]}, {"name": "Disk", "operator": "Include", "values": ["*"]}],
"operator": "[parameters('operator')]",
"threshold": "[parameters('threshold')]",
"timeAggregation": "[parameters('timeAggregation')]",
"failingPeriods": {
"numberOfEvaluationPeriods": "[parameters('numberOfEvaluationPeriods')]",
"minFailingPeriodsToAlert": "[parameters('minFailingPeriodsToAlert')]"
}
}
]
},
"muteActionsDuration": "[parameters('muteActionsDuration')]",
"autoMitigate": "[parameters('autoMitigate')]",
"checkWorkspaceAlertsStorageConfigured": "[parameters('checkWorkspaceAlertsStorageConfigured')]"
}
},
{
"condition": "[equals(parameters('telemetryOptOut'), 'No')]",
"apiVersion": "2023-07-01",
"name": "[variables('pidDeploymentName')]",
"type": "Microsoft.Resources/deployments",
"properties": {
"mode": "Incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"resources": []
}
}
}
]
}
@description('Name of the alert')
@minLength(1)
param alertName string
@description('Description of alert')
param alertDescription string = 'Log Alert for Hybrid Machine Data Disk Write Latency (ms)'
@description('Specifies whether the alert is enabled')
param isEnabled bool = true
@description('Specifies whether to check linked storage and fail creation if the storage was not found')
param checkWorkspaceAlertsStorageConfigured bool = false
@description('Full Resource ID of the resource emitting the metric that will be used for the comparison. For example /subscriptions/00000000-0000-0000-0000-0000-00000000/resourceGroups/ResourceGroupName/providers/Microsoft.compute/virtualMachines/VM_xyz')
@minLength(1)
param resourceId string
@description('Mute actions for the chosen period of time (in ISO 8601 duration format) after the alert is fired.')
@allowed([
'PT1M'
'PT5M'
'PT15M'
'PT30M'
'PT1H'
'PT6H'
'PT12H'
'PT24H'
])
param muteActionsDuration string
@description('Severity of alert {0,1,2,3,4}')
@allowed([
0
1
2
3
4
])
param alertSeverity int = 2
@description('Specifies whether the alert will automatically resolve')
param autoMitigate bool = true
@description('Name of the metric used in the comparison to activate the alert.')
@minLength(1)
param query string = 'InsightsMetrics | where _ResourceId has "Microsoft.HybridCompute/machines" | where Origin == "vm.azm.ms" | where Namespace == "LogicalDisk" and Name == "WriteLatencyMs" | extend Disk=tostring(todynamic(Tags)["vm.azm.ms/mountId"]) | where Disk !in ("C:","/") | summarize AggregatedValue = avg(Val) by bin(TimeGenerated,15m), Computer, _ResourceId, Disk'
@description('Name of the measure column used in the alert evaluation.')
param metricMeasureColumn string = 'AggregatedValue'
@description('Name of the resource ID column used in the alert targeting the alerts.')
param resourceIdColumn string = '_ResourceId'
@description('Operator comparing the current value with the threshold value.')
@allowed([
'Equals'
'GreaterThan'
'GreaterThanOrEqual'
'LessThan'
'LessThanOrEqual'
])
param operator string = 'GreaterThan'
@description('The threshold value at which the alert is activated.')
param threshold int = 25
@description('The number of periods to check in the alert evaluation.')
param numberOfEvaluationPeriods int = 1
@description('The number of unhealthy periods to alert on (must be lower or equal to numberOfEvaluationPeriods).')
param minFailingPeriodsToAlert int = 1
@description('How the data that is collected should be combined over time.')
@allowed([
'Average'
'Minimum'
'Maximum'
'Total'
'Count'
])
param timeAggregation string = 'Average'
@description('Period of time used to monitor alert activity based on the threshold. Must be between one minute and one day. ISO 8601 duration format.')
@allowed([
'PT1M'
'PT5M'
'PT15M'
'PT30M'
'PT1H'
'PT6H'
'PT12H'
'PT24H'
'P1D'
])
param windowSize string = 'PT15M'
@description('how often the metric alert is evaluated represented in ISO 8601 duration format')
@allowed([
'PT5M'
'PT15M'
'PT30M'
'PT1H'
])
param evaluationFrequency string = 'PT5M'
@description('"The current date and time using the utcNow function. Used for deployment name uniqueness')
param currentDateTimeUtcNow string = utcNow()
@description('The customer usage identifier used for telemetry purposes. The default value of False enables telemetry. The value of True disables telemetry.')
@allowed([
'Yes'
'No'
])
param telemetryOptOut string = 'No'
resource alert 'Microsoft.Insights/scheduledQueryRules@2021-08-01' = {
name: alertName
location: resourceGroup().location
tags: {
_deployed_by_amba: 'true'
}
properties: {
description: alertDescription
severity: alertSeverity
enabled: isEnabled
scopes: [
resourceId
]
evaluationFrequency: evaluationFrequency
windowSize: windowSize
criteria: {
allOf: [
{
query: query
metricMeasureColumn: metricMeasureColumn
resourceIdColumn: resourceIdColumn
dimensions: [
{
name: 'Computer'
operator: 'Include'
values: ['*']
}
{
name: 'Disk'
operator: 'Include'
values: ['*']
}]
operator: operator
threshold: threshold
timeAggregation: timeAggregation
failingPeriods: {
numberOfEvaluationPeriods: numberOfEvaluationPeriods
minFailingPeriodsToAlert: minFailingPeriodsToAlert
}
}
]
}
muteActionsDuration: muteActionsDuration
autoMitigate: autoMitigate
checkWorkspaceAlertsStorageConfigured: checkWorkspaceAlertsStorageConfigured
}
}
var ambaTelemetryPidName = 'pid-8bb7cf8a-bcf7-4264-abcb-703ace2fc84d-${uniqueString(resourceGroup().id, alertName, currentDateTimeUtcNow)}'
resource ambaTelemetryPid 'Microsoft.Resources/deployments@2023-07-01' = if (telemetryOptOut == 'No') {
name: ambaTelemetryPidName
tags: {
_deployed_by_amba: 'true'
}
properties: {
mode: 'Incremental'
template: {
'$schema': 'https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#'
contentVersion: '1.0.0.0'
resources: []
}
}
}
Hybrid Machine Heartbeat Alert - Log Alert
Log Alert for Hybrid Machine Heartbeat
Properties:
| autoMitigate | true |
| autoResolve | true |
| autoResolveTime | 0:10:00 |
| dimensions | |
| evaluationFrequency | PT5M |
| failingPeriods | |
| metricMeasureColumn | AggregatedValue |
| operator | GreaterThan |
| query | |
| resouceIdColumn | _ResourceId |
| severity | 1 |
| threshold | 10 |
| timeAggregation | Average |
| windowSize | PT15M |
References:
Templates:
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"alertName": {
"type": "string",
"minLength": 1,
"metadata": {
"description": "Name of the alert"
}
},
"alertDescription": {
"type": "string",
"defaultValue": "Log Alert for Hybrid Machine Heartbeat",
"metadata": {
"description": "Description of alert"
}
},
"isEnabled": {
"type": "bool",
"defaultValue": true,
"metadata": {
"description": "Specifies whether the alert is enabled"
}
},
"checkWorkspaceAlertsStorageConfigured": {
"type": "bool",
"defaultValue": false,
"metadata": {
"description": "Specifies whether to check linked storage and fail creation if the storage was not found"
}
},
"resourceId": {
"type": "string",
"minLength": 1,
"metadata": {
"description": "Full Resource ID of the resource emitting the metric that will be used for the comparison. For example /subscriptions/00000000-0000-0000-0000-0000-00000000/resourceGroups/ResourceGroupName/providers/Microsoft.compute/virtualMachines/VM_xyz"
}
},
"muteActionsDuration": {
"type": "string",
"allowedValues": [
"PT1M",
"PT5M",
"PT15M",
"PT30M",
"PT1H",
"PT6H",
"PT12H",
"PT24H"
],
"metadata": {
"description": "Mute actions for the chosen period of time (in ISO 8601 duration format) after the alert is fired."
}
},
"alertSeverity": {
"type": "int",
"defaultValue": 1,
"allowedValues": [
0,
1,
2,
3,
4
],
"metadata": {
"description": "Severity of alert {0,1,2,3,4}"
}
},
"autoMitigate": {
"type": "bool",
"defaultValue": true,
"metadata": {
"description": "Specifies whether the alert will automatically resolve"
}
},
"query": {
"type": "string",
"minLength": 1,
"defaultValue": "Heartbeat | where _ResourceId has \"Microsoft.HybridCompute/machines\" | summarize TimeGenerated=max(TimeGenerated) by Computer, _ResourceId | extend Duration = datetime_diff(\"minute\",now(),TimeGenerated) | summarize AggregatedValue = min(Duration) by Computer, bin(TimeGenerated,5m), _ResourceId",
"metadata": {
"description": "Name of the metric used in the comparison to activate the alert."
}
},
"metricMeasureColumn": {
"type": "string",
"defaultValue": "AggregatedValue",
"metadata": {
"description": "Name of the measure column used in the alert evaluation."
}
},
"resourceIdColumn": {
"type": "string",
"defaultValue": "_ResourceId",
"metadata": {
"description": "Name of the resource ID column used in the alert targeting the alerts."
}
},
"operator": {
"type": "string",
"defaultValue": "GreaterThan",
"allowedValues": [
"Equals",
"GreaterThan",
"GreaterThanOrEqual",
"LessThan",
"LessThanOrEqual"
],
"metadata": {
"description": "Operator comparing the current value with the threshold value."
}
},
"threshold": {
"type": "string",
"defaultValue": "10",
"metadata": {
"description": "The threshold value at which the alert is activated."
}
},
"numberOfEvaluationPeriods": {
"type": "int",
"defaultValue": 1,
"metadata": {
"description": "The number of periods to check in the alert evaluation."
}
},
"minFailingPeriodsToAlert": {
"type": "int",
"defaultValue": 1,
"metadata": {
"description": "The number of unhealthy periods to alert on (must be lower or equal to numberOfEvaluationPeriods)."
}
},
"timeAggregation": {
"type": "string",
"defaultValue": "Average",
"allowedValues": [
"Average",
"Minimum",
"Maximum",
"Total",
"Count"
],
"metadata": {
"description": "How the data that is collected should be combined over time."
}
},
"windowSize": {
"type": "string",
"defaultValue": "PT15M",
"allowedValues": [
"PT1M",
"PT5M",
"PT15M",
"PT30M",
"PT1H",
"PT6H",
"PT12H",
"PT24H",
"PT1D"
],
"metadata": {
"description": "Period of time used to monitor alert activity based on the threshold. Must be between one minute and one day. ISO 8601 duration format."
}
},
"evaluationFrequency": {
"type": "string",
"defaultValue": "PT5M",
"allowedValues": [
"PT5M",
"PT15M",
"PT30M",
"PT1H"
],
"metadata": {
"description": "how often the metric alert is evaluated represented in ISO 8601 duration format"
}
},
"currentDateTimeUtcNow": {
"type": "string",
"defaultValue": "[utcNow()]",
"metadata": {
"description": "The current date and time using the utcNow function. Used for deployment name uniqueness"
}
},
"telemetryOptOut": {
"type": "string",
"defaultValue": "No",
"allowedValues": [
"Yes",
"No"
],
"metadata": {
"description": "The customer usage identifier used for telemetry purposes. The default value of False enables telemetry. The value of True disables telemetry."
}
}
},
"variables": {
"pidDeploymentName": "[take(concat('pid-8bb7cf8a-bcf7-4264-abcb-703ace2fc84d-', uniqueString(resourceGroup().id, parameters('alertName'), parameters('currentDateTimeUtcNow'))), 64)]"
},
"resources": [
{
"type": "Microsoft.Insights/scheduledQueryRules",
"apiVersion": "2021-08-01",
"name": "[parameters('alertName')]",
"location": "[resourceGroup().location]",
"tags": {
"_deployed_by_amba": true
},
"properties": {
"description": "[parameters('alertDescription')]",
"severity": "[parameters('alertSeverity')]",
"enabled": "[parameters('isEnabled')]",
"scopes": [
"[parameters('resourceId')]"
],
"evaluationFrequency": "[parameters('evaluationFrequency')]",
"windowSize": "[parameters('windowSize')]",
"criteria": {
"allOf": [
{
"query": "[parameters('query')]",
"metricMeasureColumn": "[parameters('metricMeasureColumn')]",
"resourceIdColumn": "[parameters('resourceIdColumn')]",
"dimensions": [{"name": "Computer", "operator": "Include", "values": ["*"]}, {"name": "Disk", "operator": "Include", "values": ["*"]}],
"operator": "[parameters('operator')]",
"threshold": "[parameters('threshold')]",
"timeAggregation": "[parameters('timeAggregation')]",
"failingPeriods": {
"numberOfEvaluationPeriods": "[parameters('numberOfEvaluationPeriods')]",
"minFailingPeriodsToAlert": "[parameters('minFailingPeriodsToAlert')]"
}
}
]
},
"muteActionsDuration": "[parameters('muteActionsDuration')]",
"autoMitigate": "[parameters('autoMitigate')]",
"checkWorkspaceAlertsStorageConfigured": "[parameters('checkWorkspaceAlertsStorageConfigured')]"
}
},
{
"condition": "[equals(parameters('telemetryOptOut'), 'No')]",
"apiVersion": "2023-07-01",
"name": "[variables('pidDeploymentName')]",
"type": "Microsoft.Resources/deployments",
"properties": {
"mode": "Incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"resources": []
}
}
}
]
}
@description('Name of the alert')
@minLength(1)
param alertName string
@description('Description of alert')
param alertDescription string = 'Log Alert for Hybrid Machine Heartbeat'
@description('Specifies whether the alert is enabled')
param isEnabled bool = true
@description('Specifies whether to check linked storage and fail creation if the storage was not found')
param checkWorkspaceAlertsStorageConfigured bool = false
@description('Full Resource ID of the resource emitting the metric that will be used for the comparison. For example /subscriptions/00000000-0000-0000-0000-0000-00000000/resourceGroups/ResourceGroupName/providers/Microsoft.compute/virtualMachines/VM_xyz')
@minLength(1)
param resourceId string
@description('Mute actions for the chosen period of time (in ISO 8601 duration format) after the alert is fired.')
@allowed([
'PT1M'
'PT5M'
'PT15M'
'PT30M'
'PT1H'
'PT6H'
'PT12H'
'PT24H'
])
param muteActionsDuration string
@description('Severity of alert {0,1,2,3,4}')
@allowed([
0
1
2
3
4
])
param alertSeverity int = 1
@description('Specifies whether the alert will automatically resolve')
param autoMitigate bool = true
@description('Name of the metric used in the comparison to activate the alert.')
@minLength(1)
param query string = 'Heartbeat | where _ResourceId has "Microsoft.HybridCompute/machines" | summarize TimeGenerated=max(TimeGenerated) by Computer, _ResourceId | extend Duration = datetime_diff("minute",now(),TimeGenerated) | summarize AggregatedValue = min(Duration) by Computer, bin(TimeGenerated,5m), _ResourceId'
@description('Name of the measure column used in the alert evaluation.')
param metricMeasureColumn string = 'AggregatedValue'
@description('Name of the resource ID column used in the alert targeting the alerts.')
param resourceIdColumn string = '_ResourceId'
@description('Operator comparing the current value with the threshold value.')
@allowed([
'Equals'
'GreaterThan'
'GreaterThanOrEqual'
'LessThan'
'LessThanOrEqual'
])
param operator string = 'GreaterThan'
@description('The threshold value at which the alert is activated.')
param threshold int = 10
@description('The number of periods to check in the alert evaluation.')
param numberOfEvaluationPeriods int = 1
@description('The number of unhealthy periods to alert on (must be lower or equal to numberOfEvaluationPeriods).')
param minFailingPeriodsToAlert int = 1
@description('How the data that is collected should be combined over time.')
@allowed([
'Average'
'Minimum'
'Maximum'
'Total'
'Count'
])
param timeAggregation string = 'Average'
@description('Period of time used to monitor alert activity based on the threshold. Must be between one minute and one day. ISO 8601 duration format.')
@allowed([
'PT1M'
'PT5M'
'PT15M'
'PT30M'
'PT1H'
'PT6H'
'PT12H'
'PT24H'
'P1D'
])
param windowSize string = 'PT15M'
@description('how often the metric alert is evaluated represented in ISO 8601 duration format')
@allowed([
'PT5M'
'PT15M'
'PT30M'
'PT1H'
])
param evaluationFrequency string = 'PT5M'
@description('"The current date and time using the utcNow function. Used for deployment name uniqueness')
param currentDateTimeUtcNow string = utcNow()
@description('The customer usage identifier used for telemetry purposes. The default value of False enables telemetry. The value of True disables telemetry.')
@allowed([
'Yes'
'No'
])
param telemetryOptOut string = 'No'
resource alert 'Microsoft.Insights/scheduledQueryRules@2021-08-01' = {
name: alertName
location: resourceGroup().location
tags: {
_deployed_by_amba: 'true'
}
properties: {
description: alertDescription
severity: alertSeverity
enabled: isEnabled
scopes: [
resourceId
]
evaluationFrequency: evaluationFrequency
windowSize: windowSize
criteria: {
allOf: [
{
query: query
metricMeasureColumn: metricMeasureColumn
resourceIdColumn: resourceIdColumn
dimensions: [
{
name: 'Computer'
operator: 'Include'
values: ['*']
}
{
name: 'Disk'
operator: 'Include'
values: ['*']
}]
operator: operator
threshold: threshold
timeAggregation: timeAggregation
failingPeriods: {
numberOfEvaluationPeriods: numberOfEvaluationPeriods
minFailingPeriodsToAlert: minFailingPeriodsToAlert
}
}
]
}
muteActionsDuration: muteActionsDuration
autoMitigate: autoMitigate
checkWorkspaceAlertsStorageConfigured: checkWorkspaceAlertsStorageConfigured
}
}
var ambaTelemetryPidName = 'pid-8bb7cf8a-bcf7-4264-abcb-703ace2fc84d-${uniqueString(resourceGroup().id, alertName, currentDateTimeUtcNow)}'
resource ambaTelemetryPid 'Microsoft.Resources/deployments@2023-07-01' = if (telemetryOptOut == 'No') {
name: ambaTelemetryPidName
tags: {
_deployed_by_amba: 'true'
}
properties: {
mode: 'Incremental'
template: {
'$schema': 'https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#'
contentVersion: '1.0.0.0'
resources: []
}
}
}
Hybrid Machine Network Read Alert - Log Alert
Log Alert for Hybrid Machine Network Read (bytes/sec)
Properties:
| autoMitigate | true |
| autoResolve | true |
| autoResolveTime | 0:10:00 |
| dimensions | |
| evaluationFrequency | PT5M |
| failingPeriods | |
| metricMeasureColumn | AggregatedValue |
| operator | GreaterThan |
| query | |
| resouceIdColumn | _ResourceId |
| severity | 2 |
| threshold | 10000000 |
| timeAggregation | Average |
| windowSize | PT15M |
References:
Templates:
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"alertName": {
"type": "string",
"minLength": 1,
"metadata": {
"description": "Name of the alert"
}
},
"alertDescription": {
"type": "string",
"defaultValue": "Log Alert for Hybrid Machine Network Read (bytes/sec)",
"metadata": {
"description": "Description of alert"
}
},
"isEnabled": {
"type": "bool",
"defaultValue": true,
"metadata": {
"description": "Specifies whether the alert is enabled"
}
},
"checkWorkspaceAlertsStorageConfigured": {
"type": "bool",
"defaultValue": false,
"metadata": {
"description": "Specifies whether to check linked storage and fail creation if the storage was not found"
}
},
"resourceId": {
"type": "string",
"minLength": 1,
"metadata": {
"description": "Full Resource ID of the resource emitting the metric that will be used for the comparison. For example /subscriptions/00000000-0000-0000-0000-0000-00000000/resourceGroups/ResourceGroupName/providers/Microsoft.compute/virtualMachines/VM_xyz"
}
},
"muteActionsDuration": {
"type": "string",
"allowedValues": [
"PT1M",
"PT5M",
"PT15M",
"PT30M",
"PT1H",
"PT6H",
"PT12H",
"PT24H"
],
"metadata": {
"description": "Mute actions for the chosen period of time (in ISO 8601 duration format) after the alert is fired."
}
},
"alertSeverity": {
"type": "int",
"defaultValue": 2,
"allowedValues": [
0,
1,
2,
3,
4
],
"metadata": {
"description": "Severity of alert {0,1,2,3,4}"
}
},
"autoMitigate": {
"type": "bool",
"defaultValue": true,
"metadata": {
"description": "Specifies whether the alert will automatically resolve"
}
},
"query": {
"type": "string",
"minLength": 1,
"defaultValue": "InsightsMetrics | where _ResourceId has \"Microsoft.HybridCompute/machines\" | where Origin == \"vm.azm.ms\" | where Namespace == \"Network\" and Name == \"ReadBytesPerSecond\" | extend NetworkInterface=tostring(todynamic(Tags)[\"vm.azm.ms/networkDeviceId\"]) | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, NetworkInterface",
"metadata": {
"description": "Name of the metric used in the comparison to activate the alert."
}
},
"metricMeasureColumn": {
"type": "string",
"defaultValue": "AggregatedValue",
"metadata": {
"description": "Name of the measure column used in the alert evaluation."
}
},
"resourceIdColumn": {
"type": "string",
"defaultValue": "_ResourceId",
"metadata": {
"description": "Name of the resource ID column used in the alert targeting the alerts."
}
},
"operator": {
"type": "string",
"defaultValue": "GreaterThan",
"allowedValues": [
"Equals",
"GreaterThan",
"GreaterThanOrEqual",
"LessThan",
"LessThanOrEqual"
],
"metadata": {
"description": "Operator comparing the current value with the threshold value."
}
},
"threshold": {
"type": "string",
"defaultValue": "10000000",
"metadata": {
"description": "The threshold value at which the alert is activated."
}
},
"numberOfEvaluationPeriods": {
"type": "int",
"defaultValue": 1,
"metadata": {
"description": "The number of periods to check in the alert evaluation."
}
},
"minFailingPeriodsToAlert": {
"type": "int",
"defaultValue": 1,
"metadata": {
"description": "The number of unhealthy periods to alert on (must be lower or equal to numberOfEvaluationPeriods)."
}
},
"timeAggregation": {
"type": "string",
"defaultValue": "Average",
"allowedValues": [
"Average",
"Minimum",
"Maximum",
"Total",
"Count"
],
"metadata": {
"description": "How the data that is collected should be combined over time."
}
},
"windowSize": {
"type": "string",
"defaultValue": "PT15M",
"allowedValues": [
"PT1M",
"PT5M",
"PT15M",
"PT30M",
"PT1H",
"PT6H",
"PT12H",
"PT24H",
"PT1D"
],
"metadata": {
"description": "Period of time used to monitor alert activity based on the threshold. Must be between one minute and one day. ISO 8601 duration format."
}
},
"evaluationFrequency": {
"type": "string",
"defaultValue": "PT5M",
"allowedValues": [
"PT5M",
"PT15M",
"PT30M",
"PT1H"
],
"metadata": {
"description": "how often the metric alert is evaluated represented in ISO 8601 duration format"
}
},
"currentDateTimeUtcNow": {
"type": "string",
"defaultValue": "[utcNow()]",
"metadata": {
"description": "The current date and time using the utcNow function. Used for deployment name uniqueness"
}
},
"telemetryOptOut": {
"type": "string",
"defaultValue": "No",
"allowedValues": [
"Yes",
"No"
],
"metadata": {
"description": "The customer usage identifier used for telemetry purposes. The default value of False enables telemetry. The value of True disables telemetry."
}
}
},
"variables": {
"pidDeploymentName": "[take(concat('pid-8bb7cf8a-bcf7-4264-abcb-703ace2fc84d-', uniqueString(resourceGroup().id, parameters('alertName'), parameters('currentDateTimeUtcNow'))), 64)]"
},
"resources": [
{
"type": "Microsoft.Insights/scheduledQueryRules",
"apiVersion": "2021-08-01",
"name": "[parameters('alertName')]",
"location": "[resourceGroup().location]",
"tags": {
"_deployed_by_amba": true
},
"properties": {
"description": "[parameters('alertDescription')]",
"severity": "[parameters('alertSeverity')]",
"enabled": "[parameters('isEnabled')]",
"scopes": [
"[parameters('resourceId')]"
],
"evaluationFrequency": "[parameters('evaluationFrequency')]",
"windowSize": "[parameters('windowSize')]",
"criteria": {
"allOf": [
{
"query": "[parameters('query')]",
"metricMeasureColumn": "[parameters('metricMeasureColumn')]",
"resourceIdColumn": "[parameters('resourceIdColumn')]",
"dimensions": [{"name": "Computer", "operator": "Include", "values": ["*"]}, {"name": "Disk", "operator": "Include", "values": ["*"]}],
"operator": "[parameters('operator')]",
"threshold": "[parameters('threshold')]",
"timeAggregation": "[parameters('timeAggregation')]",
"failingPeriods": {
"numberOfEvaluationPeriods": "[parameters('numberOfEvaluationPeriods')]",
"minFailingPeriodsToAlert": "[parameters('minFailingPeriodsToAlert')]"
}
}
]
},
"muteActionsDuration": "[parameters('muteActionsDuration')]",
"autoMitigate": "[parameters('autoMitigate')]",
"checkWorkspaceAlertsStorageConfigured": "[parameters('checkWorkspaceAlertsStorageConfigured')]"
}
},
{
"condition": "[equals(parameters('telemetryOptOut'), 'No')]",
"apiVersion": "2023-07-01",
"name": "[variables('pidDeploymentName')]",
"type": "Microsoft.Resources/deployments",
"properties": {
"mode": "Incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"resources": []
}
}
}
]
}
@description('Name of the alert')
@minLength(1)
param alertName string
@description('Description of alert')
param alertDescription string = 'Log Alert for Hybrid Machine Network Read (bytes/sec)'
@description('Specifies whether the alert is enabled')
param isEnabled bool = true
@description('Specifies whether to check linked storage and fail creation if the storage was not found')
param checkWorkspaceAlertsStorageConfigured bool = false
@description('Full Resource ID of the resource emitting the metric that will be used for the comparison. For example /subscriptions/00000000-0000-0000-0000-0000-00000000/resourceGroups/ResourceGroupName/providers/Microsoft.compute/virtualMachines/VM_xyz')
@minLength(1)
param resourceId string
@description('Mute actions for the chosen period of time (in ISO 8601 duration format) after the alert is fired.')
@allowed([
'PT1M'
'PT5M'
'PT15M'
'PT30M'
'PT1H'
'PT6H'
'PT12H'
'PT24H'
])
param muteActionsDuration string
@description('Severity of alert {0,1,2,3,4}')
@allowed([
0
1
2
3
4
])
param alertSeverity int = 2
@description('Specifies whether the alert will automatically resolve')
param autoMitigate bool = true
@description('Name of the metric used in the comparison to activate the alert.')
@minLength(1)
param query string = 'InsightsMetrics | where _ResourceId has "Microsoft.HybridCompute/machines" | where Origin == "vm.azm.ms" | where Namespace == "Network" and Name == "ReadBytesPerSecond" | extend NetworkInterface=tostring(todynamic(Tags)["vm.azm.ms/networkDeviceId"]) | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, NetworkInterface'
@description('Name of the measure column used in the alert evaluation.')
param metricMeasureColumn string = 'AggregatedValue'
@description('Name of the resource ID column used in the alert targeting the alerts.')
param resourceIdColumn string = '_ResourceId'
@description('Operator comparing the current value with the threshold value.')
@allowed([
'Equals'
'GreaterThan'
'GreaterThanOrEqual'
'LessThan'
'LessThanOrEqual'
])
param operator string = 'GreaterThan'
@description('The threshold value at which the alert is activated.')
param threshold int = 10000000
@description('The number of periods to check in the alert evaluation.')
param numberOfEvaluationPeriods int = 1
@description('The number of unhealthy periods to alert on (must be lower or equal to numberOfEvaluationPeriods).')
param minFailingPeriodsToAlert int = 1
@description('How the data that is collected should be combined over time.')
@allowed([
'Average'
'Minimum'
'Maximum'
'Total'
'Count'
])
param timeAggregation string = 'Average'
@description('Period of time used to monitor alert activity based on the threshold. Must be between one minute and one day. ISO 8601 duration format.')
@allowed([
'PT1M'
'PT5M'
'PT15M'
'PT30M'
'PT1H'
'PT6H'
'PT12H'
'PT24H'
'P1D'
])
param windowSize string = 'PT15M'
@description('how often the metric alert is evaluated represented in ISO 8601 duration format')
@allowed([
'PT5M'
'PT15M'
'PT30M'
'PT1H'
])
param evaluationFrequency string = 'PT5M'
@description('"The current date and time using the utcNow function. Used for deployment name uniqueness')
param currentDateTimeUtcNow string = utcNow()
@description('The customer usage identifier used for telemetry purposes. The default value of False enables telemetry. The value of True disables telemetry.')
@allowed([
'Yes'
'No'
])
param telemetryOptOut string = 'No'
resource alert 'Microsoft.Insights/scheduledQueryRules@2021-08-01' = {
name: alertName
location: resourceGroup().location
tags: {
_deployed_by_amba: 'true'
}
properties: {
description: alertDescription
severity: alertSeverity
enabled: isEnabled
scopes: [
resourceId
]
evaluationFrequency: evaluationFrequency
windowSize: windowSize
criteria: {
allOf: [
{
query: query
metricMeasureColumn: metricMeasureColumn
resourceIdColumn: resourceIdColumn
dimensions: [
{
name: 'Computer'
operator: 'Include'
values: ['*']
}
{
name: 'Disk'
operator: 'Include'
values: ['*']
}]
operator: operator
threshold: threshold
timeAggregation: timeAggregation
failingPeriods: {
numberOfEvaluationPeriods: numberOfEvaluationPeriods
minFailingPeriodsToAlert: minFailingPeriodsToAlert
}
}
]
}
muteActionsDuration: muteActionsDuration
autoMitigate: autoMitigate
checkWorkspaceAlertsStorageConfigured: checkWorkspaceAlertsStorageConfigured
}
}
var ambaTelemetryPidName = 'pid-8bb7cf8a-bcf7-4264-abcb-703ace2fc84d-${uniqueString(resourceGroup().id, alertName, currentDateTimeUtcNow)}'
resource ambaTelemetryPid 'Microsoft.Resources/deployments@2023-07-01' = if (telemetryOptOut == 'No') {
name: ambaTelemetryPidName
tags: {
_deployed_by_amba: 'true'
}
properties: {
mode: 'Incremental'
template: {
'$schema': 'https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#'
contentVersion: '1.0.0.0'
resources: []
}
}
}
Hybrid Machine Network Write Alert - Log Alert
Log Alert for Hybrid Machine Network Write (bytes/sec)
Properties:
| autoMitigate | true |
| autoResolve | true |
| autoResolveTime | 0:10:00 |
| dimensions | |
| evaluationFrequency | PT5M |
| failingPeriods | |
| metricMeasureColumn | AggregatedValue |
| operator | GreaterThan |
| query | |
| resouceIdColumn | _ResourceId |
| severity | 2 |
| threshold | 10000000 |
| timeAggregation | Average |
| windowSize | PT15M |
References:
Templates:
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"alertName": {
"type": "string",
"minLength": 1,
"metadata": {
"description": "Name of the alert"
}
},
"alertDescription": {
"type": "string",
"defaultValue": "Log Alert for Hybrid Machine Network Write (bytes/sec)",
"metadata": {
"description": "Description of alert"
}
},
"isEnabled": {
"type": "bool",
"defaultValue": true,
"metadata": {
"description": "Specifies whether the alert is enabled"
}
},
"checkWorkspaceAlertsStorageConfigured": {
"type": "bool",
"defaultValue": false,
"metadata": {
"description": "Specifies whether to check linked storage and fail creation if the storage was not found"
}
},
"resourceId": {
"type": "string",
"minLength": 1,
"metadata": {
"description": "Full Resource ID of the resource emitting the metric that will be used for the comparison. For example /subscriptions/00000000-0000-0000-0000-0000-00000000/resourceGroups/ResourceGroupName/providers/Microsoft.compute/virtualMachines/VM_xyz"
}
},
"muteActionsDuration": {
"type": "string",
"allowedValues": [
"PT1M",
"PT5M",
"PT15M",
"PT30M",
"PT1H",
"PT6H",
"PT12H",
"PT24H"
],
"metadata": {
"description": "Mute actions for the chosen period of time (in ISO 8601 duration format) after the alert is fired."
}
},
"alertSeverity": {
"type": "int",
"defaultValue": 2,
"allowedValues": [
0,
1,
2,
3,
4
],
"metadata": {
"description": "Severity of alert {0,1,2,3,4}"
}
},
"autoMitigate": {
"type": "bool",
"defaultValue": true,
"metadata": {
"description": "Specifies whether the alert will automatically resolve"
}
},
"query": {
"type": "string",
"minLength": 1,
"defaultValue": "InsightsMetrics | where _ResourceId has \"Microsoft.HybridCompute/machines\" | where Origin == \"vm.azm.ms\" | where Namespace == \"Network\" and Name == \"WriteBytesPerSecond\" | extend NetworkInterface=tostring(todynamic(Tags)[\"vm.azm.ms/networkDeviceId\"]) | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, NetworkInterface",
"metadata": {
"description": "Name of the metric used in the comparison to activate the alert."
}
},
"metricMeasureColumn": {
"type": "string",
"defaultValue": "AggregatedValue",
"metadata": {
"description": "Name of the measure column used in the alert evaluation."
}
},
"resourceIdColumn": {
"type": "string",
"defaultValue": "_ResourceId",
"metadata": {
"description": "Name of the resource ID column used in the alert targeting the alerts."
}
},
"operator": {
"type": "string",
"defaultValue": "GreaterThan",
"allowedValues": [
"Equals",
"GreaterThan",
"GreaterThanOrEqual",
"LessThan",
"LessThanOrEqual"
],
"metadata": {
"description": "Operator comparing the current value with the threshold value."
}
},
"threshold": {
"type": "string",
"defaultValue": "10000000",
"metadata": {
"description": "The threshold value at which the alert is activated."
}
},
"numberOfEvaluationPeriods": {
"type": "int",
"defaultValue": 1,
"metadata": {
"description": "The number of periods to check in the alert evaluation."
}
},
"minFailingPeriodsToAlert": {
"type": "int",
"defaultValue": 1,
"metadata": {
"description": "The number of unhealthy periods to alert on (must be lower or equal to numberOfEvaluationPeriods)."
}
},
"timeAggregation": {
"type": "string",
"defaultValue": "Average",
"allowedValues": [
"Average",
"Minimum",
"Maximum",
"Total",
"Count"
],
"metadata": {
"description": "How the data that is collected should be combined over time."
}
},
"windowSize": {
"type": "string",
"defaultValue": "PT15M",
"allowedValues": [
"PT1M",
"PT5M",
"PT15M",
"PT30M",
"PT1H",
"PT6H",
"PT12H",
"PT24H",
"PT1D"
],
"metadata": {
"description": "Period of time used to monitor alert activity based on the threshold. Must be between one minute and one day. ISO 8601 duration format."
}
},
"evaluationFrequency": {
"type": "string",
"defaultValue": "PT5M",
"allowedValues": [
"PT5M",
"PT15M",
"PT30M",
"PT1H"
],
"metadata": {
"description": "how often the metric alert is evaluated represented in ISO 8601 duration format"
}
},
"currentDateTimeUtcNow": {
"type": "string",
"defaultValue": "[utcNow()]",
"metadata": {
"description": "The current date and time using the utcNow function. Used for deployment name uniqueness"
}
},
"telemetryOptOut": {
"type": "string",
"defaultValue": "No",
"allowedValues": [
"Yes",
"No"
],
"metadata": {
"description": "The customer usage identifier used for telemetry purposes. The default value of False enables telemetry. The value of True disables telemetry."
}
}
},
"variables": {
"pidDeploymentName": "[take(concat('pid-8bb7cf8a-bcf7-4264-abcb-703ace2fc84d-', uniqueString(resourceGroup().id, parameters('alertName'), parameters('currentDateTimeUtcNow'))), 64)]"
},
"resources": [
{
"type": "Microsoft.Insights/scheduledQueryRules",
"apiVersion": "2021-08-01",
"name": "[parameters('alertName')]",
"location": "[resourceGroup().location]",
"tags": {
"_deployed_by_amba": true
},
"properties": {
"description": "[parameters('alertDescription')]",
"severity": "[parameters('alertSeverity')]",
"enabled": "[parameters('isEnabled')]",
"scopes": [
"[parameters('resourceId')]"
],
"evaluationFrequency": "[parameters('evaluationFrequency')]",
"windowSize": "[parameters('windowSize')]",
"criteria": {
"allOf": [
{
"query": "[parameters('query')]",
"metricMeasureColumn": "[parameters('metricMeasureColumn')]",
"resourceIdColumn": "[parameters('resourceIdColumn')]",
"dimensions": [{"name": "Computer", "operator": "Include", "values": ["*"]}, {"name": "Disk", "operator": "Include", "values": ["*"]}],
"operator": "[parameters('operator')]",
"threshold": "[parameters('threshold')]",
"timeAggregation": "[parameters('timeAggregation')]",
"failingPeriods": {
"numberOfEvaluationPeriods": "[parameters('numberOfEvaluationPeriods')]",
"minFailingPeriodsToAlert": "[parameters('minFailingPeriodsToAlert')]"
}
}
]
},
"muteActionsDuration": "[parameters('muteActionsDuration')]",
"autoMitigate": "[parameters('autoMitigate')]",
"checkWorkspaceAlertsStorageConfigured": "[parameters('checkWorkspaceAlertsStorageConfigured')]"
}
},
{
"condition": "[equals(parameters('telemetryOptOut'), 'No')]",
"apiVersion": "2023-07-01",
"name": "[variables('pidDeploymentName')]",
"type": "Microsoft.Resources/deployments",
"properties": {
"mode": "Incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"resources": []
}
}
}
]
}
@description('Name of the alert')
@minLength(1)
param alertName string
@description('Description of alert')
param alertDescription string = 'Log Alert for Hybrid Machine Network Write (bytes/sec)'
@description('Specifies whether the alert is enabled')
param isEnabled bool = true
@description('Specifies whether to check linked storage and fail creation if the storage was not found')
param checkWorkspaceAlertsStorageConfigured bool = false
@description('Full Resource ID of the resource emitting the metric that will be used for the comparison. For example /subscriptions/00000000-0000-0000-0000-0000-00000000/resourceGroups/ResourceGroupName/providers/Microsoft.compute/virtualMachines/VM_xyz')
@minLength(1)
param resourceId string
@description('Mute actions for the chosen period of time (in ISO 8601 duration format) after the alert is fired.')
@allowed([
'PT1M'
'PT5M'
'PT15M'
'PT30M'
'PT1H'
'PT6H'
'PT12H'
'PT24H'
])
param muteActionsDuration string
@description('Severity of alert {0,1,2,3,4}')
@allowed([
0
1
2
3
4
])
param alertSeverity int = 2
@description('Specifies whether the alert will automatically resolve')
param autoMitigate bool = true
@description('Name of the metric used in the comparison to activate the alert.')
@minLength(1)
param query string = 'InsightsMetrics | where _ResourceId has "Microsoft.HybridCompute/machines" | where Origin == "vm.azm.ms" | where Namespace == "Network" and Name == "WriteBytesPerSecond" | extend NetworkInterface=tostring(todynamic(Tags)["vm.azm.ms/networkDeviceId"]) | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, NetworkInterface'
@description('Name of the measure column used in the alert evaluation.')
param metricMeasureColumn string = 'AggregatedValue'
@description('Name of the resource ID column used in the alert targeting the alerts.')
param resourceIdColumn string = '_ResourceId'
@description('Operator comparing the current value with the threshold value.')
@allowed([
'Equals'
'GreaterThan'
'GreaterThanOrEqual'
'LessThan'
'LessThanOrEqual'
])
param operator string = 'GreaterThan'
@description('The threshold value at which the alert is activated.')
param threshold int = 10000000
@description('The number of periods to check in the alert evaluation.')
param numberOfEvaluationPeriods int = 1
@description('The number of unhealthy periods to alert on (must be lower or equal to numberOfEvaluationPeriods).')
param minFailingPeriodsToAlert int = 1
@description('How the data that is collected should be combined over time.')
@allowed([
'Average'
'Minimum'
'Maximum'
'Total'
'Count'
])
param timeAggregation string = 'Average'
@description('Period of time used to monitor alert activity based on the threshold. Must be between one minute and one day. ISO 8601 duration format.')
@allowed([
'PT1M'
'PT5M'
'PT15M'
'PT30M'
'PT1H'
'PT6H'
'PT12H'
'PT24H'
'P1D'
])
param windowSize string = 'PT15M'
@description('how often the metric alert is evaluated represented in ISO 8601 duration format')
@allowed([
'PT5M'
'PT15M'
'PT30M'
'PT1H'
])
param evaluationFrequency string = 'PT5M'
@description('"The current date and time using the utcNow function. Used for deployment name uniqueness')
param currentDateTimeUtcNow string = utcNow()
@description('The customer usage identifier used for telemetry purposes. The default value of False enables telemetry. The value of True disables telemetry.')
@allowed([
'Yes'
'No'
])
param telemetryOptOut string = 'No'
resource alert 'Microsoft.Insights/scheduledQueryRules@2021-08-01' = {
name: alertName
location: resourceGroup().location
tags: {
_deployed_by_amba: 'true'
}
properties: {
description: alertDescription
severity: alertSeverity
enabled: isEnabled
scopes: [
resourceId
]
evaluationFrequency: evaluationFrequency
windowSize: windowSize
criteria: {
allOf: [
{
query: query
metricMeasureColumn: metricMeasureColumn
resourceIdColumn: resourceIdColumn
dimensions: [
{
name: 'Computer'
operator: 'Include'
values: ['*']
}
{
name: 'Disk'
operator: 'Include'
values: ['*']
}]
operator: operator
threshold: threshold
timeAggregation: timeAggregation
failingPeriods: {
numberOfEvaluationPeriods: numberOfEvaluationPeriods
minFailingPeriodsToAlert: minFailingPeriodsToAlert
}
}
]
}
muteActionsDuration: muteActionsDuration
autoMitigate: autoMitigate
checkWorkspaceAlertsStorageConfigured: checkWorkspaceAlertsStorageConfigured
}
}
var ambaTelemetryPidName = 'pid-8bb7cf8a-bcf7-4264-abcb-703ace2fc84d-${uniqueString(resourceGroup().id, alertName, currentDateTimeUtcNow)}'
resource ambaTelemetryPid 'Microsoft.Resources/deployments@2023-07-01' = if (telemetryOptOut == 'No') {
name: ambaTelemetryPidName
tags: {
_deployed_by_amba: 'true'
}
properties: {
mode: 'Incremental'
template: {
'$schema': 'https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#'
contentVersion: '1.0.0.0'
resources: []
}
}
}
Hybrid Machine OS Disk Free Space Percentage - Log Alert
Log Alert for Hybrid Machine OS Disk Free Space Percentage
Properties:
| autoMitigate | true |
| autoResolve | true |
| autoResolveTime | 0:10:00 |
| dimensions | |
| evaluationFrequency | PT5M |
| failingPeriods | |
| metricMeasureColumn | AggregatedValue |
| operator | LessThan |
| query | |
| resouceIdColumn | _ResourceId |
| severity | 2 |
| threshold | 10 |
| timeAggregation | Average |
| windowSize | PT15M |
References:
Templates:
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"alertName": {
"type": "string",
"minLength": 1,
"metadata": {
"description": "Name of the alert"
}
},
"alertDescription": {
"type": "string",
"defaultValue": "Log Alert for Hybrid Machine OS Disk Free Space Percentage",
"metadata": {
"description": "Description of alert"
}
},
"isEnabled": {
"type": "bool",
"defaultValue": true,
"metadata": {
"description": "Specifies whether the alert is enabled"
}
},
"checkWorkspaceAlertsStorageConfigured": {
"type": "bool",
"defaultValue": false,
"metadata": {
"description": "Specifies whether to check linked storage and fail creation if the storage was not found"
}
},
"resourceId": {
"type": "string",
"minLength": 1,
"metadata": {
"description": "Full Resource ID of the resource emitting the metric that will be used for the comparison. For example /subscriptions/00000000-0000-0000-0000-0000-00000000/resourceGroups/ResourceGroupName/providers/Microsoft.compute/virtualMachines/VM_xyz"
}
},
"muteActionsDuration": {
"type": "string",
"allowedValues": [
"PT1M",
"PT5M",
"PT15M",
"PT30M",
"PT1H",
"PT6H",
"PT12H",
"PT24H"
],
"metadata": {
"description": "Mute actions for the chosen period of time (in ISO 8601 duration format) after the alert is fired."
}
},
"alertSeverity": {
"type": "int",
"defaultValue": 2,
"allowedValues": [
0,
1,
2,
3,
4
],
"metadata": {
"description": "Severity of alert {0,1,2,3,4}"
}
},
"autoMitigate": {
"type": "bool",
"defaultValue": true,
"metadata": {
"description": "Specifies whether the alert will automatically resolve"
}
},
"query": {
"type": "string",
"minLength": 1,
"defaultValue": "InsightsMetrics | where _ResourceId has \"Microsoft.HybridCompute/machines\" | where Origin == \"vm.azm.ms\" | where Namespace == \"LogicalDisk\" and Name == \"FreeSpacePercentage\" | extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"]) | where Disk in (\"C:\",\"/\") | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk",
"metadata": {
"description": "Name of the metric used in the comparison to activate the alert."
}
},
"metricMeasureColumn": {
"type": "string",
"defaultValue": "AggregatedValue",
"metadata": {
"description": "Name of the measure column used in the alert evaluation."
}
},
"resourceIdColumn": {
"type": "string",
"defaultValue": "_ResourceId",
"metadata": {
"description": "Name of the resource ID column used in the alert targeting the alerts."
}
},
"operator": {
"type": "string",
"defaultValue": "LessThan",
"allowedValues": [
"Equals",
"GreaterThan",
"GreaterThanOrEqual",
"LessThan",
"LessThanOrEqual"
],
"metadata": {
"description": "Operator comparing the current value with the threshold value."
}
},
"threshold": {
"type": "string",
"defaultValue": "10",
"metadata": {
"description": "The threshold value at which the alert is activated."
}
},
"numberOfEvaluationPeriods": {
"type": "int",
"defaultValue": 1,
"metadata": {
"description": "The number of periods to check in the alert evaluation."
}
},
"minFailingPeriodsToAlert": {
"type": "int",
"defaultValue": 1,
"metadata": {
"description": "The number of unhealthy periods to alert on (must be lower or equal to numberOfEvaluationPeriods)."
}
},
"timeAggregation": {
"type": "string",
"defaultValue": "Average",
"allowedValues": [
"Average",
"Minimum",
"Maximum",
"Total",
"Count"
],
"metadata": {
"description": "How the data that is collected should be combined over time."
}
},
"windowSize": {
"type": "string",
"defaultValue": "PT15M",
"allowedValues": [
"PT1M",
"PT5M",
"PT15M",
"PT30M",
"PT1H",
"PT6H",
"PT12H",
"PT24H",
"PT1D"
],
"metadata": {
"description": "Period of time used to monitor alert activity based on the threshold. Must be between one minute and one day. ISO 8601 duration format."
}
},
"evaluationFrequency": {
"type": "string",
"defaultValue": "PT5M",
"allowedValues": [
"PT5M",
"PT15M",
"PT30M",
"PT1H"
],
"metadata": {
"description": "how often the metric alert is evaluated represented in ISO 8601 duration format"
}
},
"currentDateTimeUtcNow": {
"type": "string",
"defaultValue": "[utcNow()]",
"metadata": {
"description": "The current date and time using the utcNow function. Used for deployment name uniqueness"
}
},
"telemetryOptOut": {
"type": "string",
"defaultValue": "No",
"allowedValues": [
"Yes",
"No"
],
"metadata": {
"description": "The customer usage identifier used for telemetry purposes. The default value of False enables telemetry. The value of True disables telemetry."
}
}
},
"variables": {
"pidDeploymentName": "[take(concat('pid-8bb7cf8a-bcf7-4264-abcb-703ace2fc84d-', uniqueString(resourceGroup().id, parameters('alertName'), parameters('currentDateTimeUtcNow'))), 64)]"
},
"resources": [
{
"type": "Microsoft.Insights/scheduledQueryRules",
"apiVersion": "2021-08-01",
"name": "[parameters('alertName')]",
"location": "[resourceGroup().location]",
"tags": {
"_deployed_by_amba": true
},
"properties": {
"description": "[parameters('alertDescription')]",
"severity": "[parameters('alertSeverity')]",
"enabled": "[parameters('isEnabled')]",
"scopes": [
"[parameters('resourceId')]"
],
"evaluationFrequency": "[parameters('evaluationFrequency')]",
"windowSize": "[parameters('windowSize')]",
"criteria": {
"allOf": [
{
"query": "[parameters('query')]",
"metricMeasureColumn": "[parameters('metricMeasureColumn')]",
"resourceIdColumn": "[parameters('resourceIdColumn')]",
"dimensions": [{"name": "Computer", "operator": "Include", "values": ["*"]}, {"name": "Disk", "operator": "Include", "values": ["*"]}],
"operator": "[parameters('operator')]",
"threshold": "[parameters('threshold')]",
"timeAggregation": "[parameters('timeAggregation')]",
"failingPeriods": {
"numberOfEvaluationPeriods": "[parameters('numberOfEvaluationPeriods')]",
"minFailingPeriodsToAlert": "[parameters('minFailingPeriodsToAlert')]"
}
}
]
},
"muteActionsDuration": "[parameters('muteActionsDuration')]",
"autoMitigate": "[parameters('autoMitigate')]",
"checkWorkspaceAlertsStorageConfigured": "[parameters('checkWorkspaceAlertsStorageConfigured')]"
}
},
{
"condition": "[equals(parameters('telemetryOptOut'), 'No')]",
"apiVersion": "2023-07-01",
"name": "[variables('pidDeploymentName')]",
"type": "Microsoft.Resources/deployments",
"properties": {
"mode": "Incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"resources": []
}
}
}
]
}
@description('Name of the alert')
@minLength(1)
param alertName string
@description('Description of alert')
param alertDescription string = 'Log Alert for Hybrid Machine OS Disk Free Space Percentage'
@description('Specifies whether the alert is enabled')
param isEnabled bool = true
@description('Specifies whether to check linked storage and fail creation if the storage was not found')
param checkWorkspaceAlertsStorageConfigured bool = false
@description('Full Resource ID of the resource emitting the metric that will be used for the comparison. For example /subscriptions/00000000-0000-0000-0000-0000-00000000/resourceGroups/ResourceGroupName/providers/Microsoft.compute/virtualMachines/VM_xyz')
@minLength(1)
param resourceId string
@description('Mute actions for the chosen period of time (in ISO 8601 duration format) after the alert is fired.')
@allowed([
'PT1M'
'PT5M'
'PT15M'
'PT30M'
'PT1H'
'PT6H'
'PT12H'
'PT24H'
])
param muteActionsDuration string
@description('Severity of alert {0,1,2,3,4}')
@allowed([
0
1
2
3
4
])
param alertSeverity int = 2
@description('Specifies whether the alert will automatically resolve')
param autoMitigate bool = true
@description('Name of the metric used in the comparison to activate the alert.')
@minLength(1)
param query string = 'InsightsMetrics | where _ResourceId has "Microsoft.HybridCompute/machines" | where Origin == "vm.azm.ms" | where Namespace == "LogicalDisk" and Name == "FreeSpacePercentage" | extend Disk=tostring(todynamic(Tags)["vm.azm.ms/mountId"]) | where Disk in ("C:","/") | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk'
@description('Name of the measure column used in the alert evaluation.')
param metricMeasureColumn string = 'AggregatedValue'
@description('Name of the resource ID column used in the alert targeting the alerts.')
param resourceIdColumn string = '_ResourceId'
@description('Operator comparing the current value with the threshold value.')
@allowed([
'Equals'
'GreaterThan'
'GreaterThanOrEqual'
'LessThan'
'LessThanOrEqual'
])
param operator string = 'LessThan'
@description('The threshold value at which the alert is activated.')
param threshold int = 10
@description('The number of periods to check in the alert evaluation.')
param numberOfEvaluationPeriods int = 1
@description('The number of unhealthy periods to alert on (must be lower or equal to numberOfEvaluationPeriods).')
param minFailingPeriodsToAlert int = 1
@description('How the data that is collected should be combined over time.')
@allowed([
'Average'
'Minimum'
'Maximum'
'Total'
'Count'
])
param timeAggregation string = 'Average'
@description('Period of time used to monitor alert activity based on the threshold. Must be between one minute and one day. ISO 8601 duration format.')
@allowed([
'PT1M'
'PT5M'
'PT15M'
'PT30M'
'PT1H'
'PT6H'
'PT12H'
'PT24H'
'P1D'
])
param windowSize string = 'PT15M'
@description('how often the metric alert is evaluated represented in ISO 8601 duration format')
@allowed([
'PT5M'
'PT15M'
'PT30M'
'PT1H'
])
param evaluationFrequency string = 'PT5M'
@description('"The current date and time using the utcNow function. Used for deployment name uniqueness')
param currentDateTimeUtcNow string = utcNow()
@description('The customer usage identifier used for telemetry purposes. The default value of False enables telemetry. The value of True disables telemetry.')
@allowed([
'Yes'
'No'
])
param telemetryOptOut string = 'No'
resource alert 'Microsoft.Insights/scheduledQueryRules@2021-08-01' = {
name: alertName
location: resourceGroup().location
tags: {
_deployed_by_amba: 'true'
}
properties: {
description: alertDescription
severity: alertSeverity
enabled: isEnabled
scopes: [
resourceId
]
evaluationFrequency: evaluationFrequency
windowSize: windowSize
criteria: {
allOf: [
{
query: query
metricMeasureColumn: metricMeasureColumn
resourceIdColumn: resourceIdColumn
dimensions: [
{
name: 'Computer'
operator: 'Include'
values: ['*']
}
{
name: 'Disk'
operator: 'Include'
values: ['*']
}]
operator: operator
threshold: threshold
timeAggregation: timeAggregation
failingPeriods: {
numberOfEvaluationPeriods: numberOfEvaluationPeriods
minFailingPeriodsToAlert: minFailingPeriodsToAlert
}
}
]
}
muteActionsDuration: muteActionsDuration
autoMitigate: autoMitigate
checkWorkspaceAlertsStorageConfigured: checkWorkspaceAlertsStorageConfigured
}
}
var ambaTelemetryPidName = 'pid-8bb7cf8a-bcf7-4264-abcb-703ace2fc84d-${uniqueString(resourceGroup().id, alertName, currentDateTimeUtcNow)}'
resource ambaTelemetryPid 'Microsoft.Resources/deployments@2023-07-01' = if (telemetryOptOut == 'No') {
name: ambaTelemetryPidName
tags: {
_deployed_by_amba: 'true'
}
properties: {
mode: 'Incremental'
template: {
'$schema': 'https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#'
contentVersion: '1.0.0.0'
resources: []
}
}
}
Hybrid Machine OS Disk Read Latency Alert - Log Alert
Log Alert for Hybrid Machine Data OS Read Latency (ms)
Properties:
| autoMitigate | true |
| autoResolve | true |
| autoResolveTime | 0:10:00 |
| dimensions | |
| evaluationFrequency | PT5M |
| failingPeriods | |
| metricMeasureColumn | AggregatedValue |
| operator | GreaterThan |
| query | |
| resouceIdColumn | _ResourceId |
| severity | 2 |
| threshold | 25 |
| timeAggregation | Average |
| windowSize | PT15M |
References:
Templates:
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"alertName": {
"type": "string",
"minLength": 1,
"metadata": {
"description": "Name of the alert"
}
},
"alertDescription": {
"type": "string",
"defaultValue": "Log Alert for Hybrid Machine Data OS Read Latency (ms)",
"metadata": {
"description": "Description of alert"
}
},
"isEnabled": {
"type": "bool",
"defaultValue": true,
"metadata": {
"description": "Specifies whether the alert is enabled"
}
},
"checkWorkspaceAlertsStorageConfigured": {
"type": "bool",
"defaultValue": false,
"metadata": {
"description": "Specifies whether to check linked storage and fail creation if the storage was not found"
}
},
"resourceId": {
"type": "string",
"minLength": 1,
"metadata": {
"description": "Full Resource ID of the resource emitting the metric that will be used for the comparison. For example /subscriptions/00000000-0000-0000-0000-0000-00000000/resourceGroups/ResourceGroupName/providers/Microsoft.compute/virtualMachines/VM_xyz"
}
},
"muteActionsDuration": {
"type": "string",
"allowedValues": [
"PT1M",
"PT5M",
"PT15M",
"PT30M",
"PT1H",
"PT6H",
"PT12H",
"PT24H"
],
"metadata": {
"description": "Mute actions for the chosen period of time (in ISO 8601 duration format) after the alert is fired."
}
},
"alertSeverity": {
"type": "int",
"defaultValue": 2,
"allowedValues": [
0,
1,
2,
3,
4
],
"metadata": {
"description": "Severity of alert {0,1,2,3,4}"
}
},
"autoMitigate": {
"type": "bool",
"defaultValue": true,
"metadata": {
"description": "Specifies whether the alert will automatically resolve"
}
},
"query": {
"type": "string",
"minLength": 1,
"defaultValue": "InsightsMetrics | where _ResourceId has \"Microsoft.HybridCompute/machines\" | where Origin == \"vm.azm.ms\" | where Namespace == \"LogicalDisk\" and Name == \"ReadLatencyMs\" | extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"]) | where Disk in (\"C:\",\"/\") | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk",
"metadata": {
"description": "Name of the metric used in the comparison to activate the alert."
}
},
"metricMeasureColumn": {
"type": "string",
"defaultValue": "AggregatedValue",
"metadata": {
"description": "Name of the measure column used in the alert evaluation."
}
},
"resourceIdColumn": {
"type": "string",
"defaultValue": "_ResourceId",
"metadata": {
"description": "Name of the resource ID column used in the alert targeting the alerts."
}
},
"operator": {
"type": "string",
"defaultValue": "GreaterThan",
"allowedValues": [
"Equals",
"GreaterThan",
"GreaterThanOrEqual",
"LessThan",
"LessThanOrEqual"
],
"metadata": {
"description": "Operator comparing the current value with the threshold value."
}
},
"threshold": {
"type": "string",
"defaultValue": "25",
"metadata": {
"description": "The threshold value at which the alert is activated."
}
},
"numberOfEvaluationPeriods": {
"type": "int",
"defaultValue": 1,
"metadata": {
"description": "The number of periods to check in the alert evaluation."
}
},
"minFailingPeriodsToAlert": {
"type": "int",
"defaultValue": 1,
"metadata": {
"description": "The number of unhealthy periods to alert on (must be lower or equal to numberOfEvaluationPeriods)."
}
},
"timeAggregation": {
"type": "string",
"defaultValue": "Average",
"allowedValues": [
"Average",
"Minimum",
"Maximum",
"Total",
"Count"
],
"metadata": {
"description": "How the data that is collected should be combined over time."
}
},
"windowSize": {
"type": "string",
"defaultValue": "PT15M",
"allowedValues": [
"PT1M",
"PT5M",
"PT15M",
"PT30M",
"PT1H",
"PT6H",
"PT12H",
"PT24H",
"PT1D"
],
"metadata": {
"description": "Period of time used to monitor alert activity based on the threshold. Must be between one minute and one day. ISO 8601 duration format."
}
},
"evaluationFrequency": {
"type": "string",
"defaultValue": "PT5M",
"allowedValues": [
"PT5M",
"PT15M",
"PT30M",
"PT1H"
],
"metadata": {
"description": "how often the metric alert is evaluated represented in ISO 8601 duration format"
}
},
"currentDateTimeUtcNow": {
"type": "string",
"defaultValue": "[utcNow()]",
"metadata": {
"description": "The current date and time using the utcNow function. Used for deployment name uniqueness"
}
},
"telemetryOptOut": {
"type": "string",
"defaultValue": "No",
"allowedValues": [
"Yes",
"No"
],
"metadata": {
"description": "The customer usage identifier used for telemetry purposes. The default value of False enables telemetry. The value of True disables telemetry."
}
}
},
"variables": {
"pidDeploymentName": "[take(concat('pid-8bb7cf8a-bcf7-4264-abcb-703ace2fc84d-', uniqueString(resourceGroup().id, parameters('alertName'), parameters('currentDateTimeUtcNow'))), 64)]"
},
"resources": [
{
"type": "Microsoft.Insights/scheduledQueryRules",
"apiVersion": "2021-08-01",
"name": "[parameters('alertName')]",
"location": "[resourceGroup().location]",
"tags": {
"_deployed_by_amba": true
},
"properties": {
"description": "[parameters('alertDescription')]",
"severity": "[parameters('alertSeverity')]",
"enabled": "[parameters('isEnabled')]",
"scopes": [
"[parameters('resourceId')]"
],
"evaluationFrequency": "[parameters('evaluationFrequency')]",
"windowSize": "[parameters('windowSize')]",
"criteria": {
"allOf": [
{
"query": "[parameters('query')]",
"metricMeasureColumn": "[parameters('metricMeasureColumn')]",
"resourceIdColumn": "[parameters('resourceIdColumn')]",
"dimensions": [{"name": "Computer", "operator": "Include", "values": ["*"]}, {"name": "Disk", "operator": "Include", "values": ["*"]}],
"operator": "[parameters('operator')]",
"threshold": "[parameters('threshold')]",
"timeAggregation": "[parameters('timeAggregation')]",
"failingPeriods": {
"numberOfEvaluationPeriods": "[parameters('numberOfEvaluationPeriods')]",
"minFailingPeriodsToAlert": "[parameters('minFailingPeriodsToAlert')]"
}
}
]
},
"muteActionsDuration": "[parameters('muteActionsDuration')]",
"autoMitigate": "[parameters('autoMitigate')]",
"checkWorkspaceAlertsStorageConfigured": "[parameters('checkWorkspaceAlertsStorageConfigured')]"
}
},
{
"condition": "[equals(parameters('telemetryOptOut'), 'No')]",
"apiVersion": "2023-07-01",
"name": "[variables('pidDeploymentName')]",
"type": "Microsoft.Resources/deployments",
"properties": {
"mode": "Incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"resources": []
}
}
}
]
}
@description('Name of the alert')
@minLength(1)
param alertName string
@description('Description of alert')
param alertDescription string = 'Log Alert for Hybrid Machine Data OS Read Latency (ms)'
@description('Specifies whether the alert is enabled')
param isEnabled bool = true
@description('Specifies whether to check linked storage and fail creation if the storage was not found')
param checkWorkspaceAlertsStorageConfigured bool = false
@description('Full Resource ID of the resource emitting the metric that will be used for the comparison. For example /subscriptions/00000000-0000-0000-0000-0000-00000000/resourceGroups/ResourceGroupName/providers/Microsoft.compute/virtualMachines/VM_xyz')
@minLength(1)
param resourceId string
@description('Mute actions for the chosen period of time (in ISO 8601 duration format) after the alert is fired.')
@allowed([
'PT1M'
'PT5M'
'PT15M'
'PT30M'
'PT1H'
'PT6H'
'PT12H'
'PT24H'
])
param muteActionsDuration string
@description('Severity of alert {0,1,2,3,4}')
@allowed([
0
1
2
3
4
])
param alertSeverity int = 2
@description('Specifies whether the alert will automatically resolve')
param autoMitigate bool = true
@description('Name of the metric used in the comparison to activate the alert.')
@minLength(1)
param query string = 'InsightsMetrics | where _ResourceId has "Microsoft.HybridCompute/machines" | where Origin == "vm.azm.ms" | where Namespace == "LogicalDisk" and Name == "ReadLatencyMs" | extend Disk=tostring(todynamic(Tags)["vm.azm.ms/mountId"]) | where Disk in ("C:","/") | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk'
@description('Name of the measure column used in the alert evaluation.')
param metricMeasureColumn string = 'AggregatedValue'
@description('Name of the resource ID column used in the alert targeting the alerts.')
param resourceIdColumn string = '_ResourceId'
@description('Operator comparing the current value with the threshold value.')
@allowed([
'Equals'
'GreaterThan'
'GreaterThanOrEqual'
'LessThan'
'LessThanOrEqual'
])
param operator string = 'GreaterThan'
@description('The threshold value at which the alert is activated.')
param threshold int = 25
@description('The number of periods to check in the alert evaluation.')
param numberOfEvaluationPeriods int = 1
@description('The number of unhealthy periods to alert on (must be lower or equal to numberOfEvaluationPeriods).')
param minFailingPeriodsToAlert int = 1
@description('How the data that is collected should be combined over time.')
@allowed([
'Average'
'Minimum'
'Maximum'
'Total'
'Count'
])
param timeAggregation string = 'Average'
@description('Period of time used to monitor alert activity based on the threshold. Must be between one minute and one day. ISO 8601 duration format.')
@allowed([
'PT1M'
'PT5M'
'PT15M'
'PT30M'
'PT1H'
'PT6H'
'PT12H'
'PT24H'
'P1D'
])
param windowSize string = 'PT15M'
@description('how often the metric alert is evaluated represented in ISO 8601 duration format')
@allowed([
'PT5M'
'PT15M'
'PT30M'
'PT1H'
])
param evaluationFrequency string = 'PT5M'
@description('"The current date and time using the utcNow function. Used for deployment name uniqueness')
param currentDateTimeUtcNow string = utcNow()
@description('The customer usage identifier used for telemetry purposes. The default value of False enables telemetry. The value of True disables telemetry.')
@allowed([
'Yes'
'No'
])
param telemetryOptOut string = 'No'
resource alert 'Microsoft.Insights/scheduledQueryRules@2021-08-01' = {
name: alertName
location: resourceGroup().location
tags: {
_deployed_by_amba: 'true'
}
properties: {
description: alertDescription
severity: alertSeverity
enabled: isEnabled
scopes: [
resourceId
]
evaluationFrequency: evaluationFrequency
windowSize: windowSize
criteria: {
allOf: [
{
query: query
metricMeasureColumn: metricMeasureColumn
resourceIdColumn: resourceIdColumn
dimensions: [
{
name: 'Computer'
operator: 'Include'
values: ['*']
}
{
name: 'Disk'
operator: 'Include'
values: ['*']
}]
operator: operator
threshold: threshold
timeAggregation: timeAggregation
failingPeriods: {
numberOfEvaluationPeriods: numberOfEvaluationPeriods
minFailingPeriodsToAlert: minFailingPeriodsToAlert
}
}
]
}
muteActionsDuration: muteActionsDuration
autoMitigate: autoMitigate
checkWorkspaceAlertsStorageConfigured: checkWorkspaceAlertsStorageConfigured
}
}
var ambaTelemetryPidName = 'pid-8bb7cf8a-bcf7-4264-abcb-703ace2fc84d-${uniqueString(resourceGroup().id, alertName, currentDateTimeUtcNow)}'
resource ambaTelemetryPid 'Microsoft.Resources/deployments@2023-07-01' = if (telemetryOptOut == 'No') {
name: ambaTelemetryPidName
tags: {
_deployed_by_amba: 'true'
}
properties: {
mode: 'Incremental'
template: {
'$schema': 'https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#'
contentVersion: '1.0.0.0'
resources: []
}
}
}
Hybrid Machine OS Disk Write Latency (ms) - Log Alert
Log Alert for Hybrid Machine OS Disk Write Latency (ms)
Properties:
| autoMitigate | true |
| autoResolve | true |
| autoResolveTime | 0:10:00 |
| dimensions | |
| evaluationFrequency | PT5M |
| failingPeriods | |
| metricMeasureColumn | AggregatedValue |
| operator | GreaterThan |
| query | |
| resouceIdColumn | _ResourceId |
| severity | 2 |
| threshold | 25 |
| timeAggregation | Average |
| windowSize | PT15M |
References:
Templates:
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"alertName": {
"type": "string",
"minLength": 1,
"metadata": {
"description": "Name of the alert"
}
},
"alertDescription": {
"type": "string",
"defaultValue": "Log Alert for Hybrid Machine OS Disk Write Latency (ms)",
"metadata": {
"description": "Description of alert"
}
},
"isEnabled": {
"type": "bool",
"defaultValue": true,
"metadata": {
"description": "Specifies whether the alert is enabled"
}
},
"checkWorkspaceAlertsStorageConfigured": {
"type": "bool",
"defaultValue": false,
"metadata": {
"description": "Specifies whether to check linked storage and fail creation if the storage was not found"
}
},
"resourceId": {
"type": "string",
"minLength": 1,
"metadata": {
"description": "Full Resource ID of the resource emitting the metric that will be used for the comparison. For example /subscriptions/00000000-0000-0000-0000-0000-00000000/resourceGroups/ResourceGroupName/providers/Microsoft.compute/virtualMachines/VM_xyz"
}
},
"muteActionsDuration": {
"type": "string",
"allowedValues": [
"PT1M",
"PT5M",
"PT15M",
"PT30M",
"PT1H",
"PT6H",
"PT12H",
"PT24H"
],
"metadata": {
"description": "Mute actions for the chosen period of time (in ISO 8601 duration format) after the alert is fired."
}
},
"alertSeverity": {
"type": "int",
"defaultValue": 2,
"allowedValues": [
0,
1,
2,
3,
4
],
"metadata": {
"description": "Severity of alert {0,1,2,3,4}"
}
},
"autoMitigate": {
"type": "bool",
"defaultValue": true,
"metadata": {
"description": "Specifies whether the alert will automatically resolve"
}
},
"query": {
"type": "string",
"minLength": 1,
"defaultValue": "InsightsMetrics | where _ResourceId has \"Microsoft.HybridCompute/machines\" | where Origin == \"vm.azm.ms\" | where Namespace == \"LogicalDisk\" and Name == \"WriteLatencyMs\" | extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"]) | where Disk in (\"C:\",\"/\") | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk",
"metadata": {
"description": "Name of the metric used in the comparison to activate the alert."
}
},
"metricMeasureColumn": {
"type": "string",
"defaultValue": "AggregatedValue",
"metadata": {
"description": "Name of the measure column used in the alert evaluation."
}
},
"resourceIdColumn": {
"type": "string",
"defaultValue": "_ResourceId",
"metadata": {
"description": "Name of the resource ID column used in the alert targeting the alerts."
}
},
"operator": {
"type": "string",
"defaultValue": "GreaterThan",
"allowedValues": [
"Equals",
"GreaterThan",
"GreaterThanOrEqual",
"LessThan",
"LessThanOrEqual"
],
"metadata": {
"description": "Operator comparing the current value with the threshold value."
}
},
"threshold": {
"type": "string",
"defaultValue": "25",
"metadata": {
"description": "The threshold value at which the alert is activated."
}
},
"numberOfEvaluationPeriods": {
"type": "int",
"defaultValue": 1,
"metadata": {
"description": "The number of periods to check in the alert evaluation."
}
},
"minFailingPeriodsToAlert": {
"type": "int",
"defaultValue": 1,
"metadata": {
"description": "The number of unhealthy periods to alert on (must be lower or equal to numberOfEvaluationPeriods)."
}
},
"timeAggregation": {
"type": "string",
"defaultValue": "Average",
"allowedValues": [
"Average",
"Minimum",
"Maximum",
"Total",
"Count"
],
"metadata": {
"description": "How the data that is collected should be combined over time."
}
},
"windowSize": {
"type": "string",
"defaultValue": "PT15M",
"allowedValues": [
"PT1M",
"PT5M",
"PT15M",
"PT30M",
"PT1H",
"PT6H",
"PT12H",
"PT24H",
"PT1D"
],
"metadata": {
"description": "Period of time used to monitor alert activity based on the threshold. Must be between one minute and one day. ISO 8601 duration format."
}
},
"evaluationFrequency": {
"type": "string",
"defaultValue": "PT5M",
"allowedValues": [
"PT5M",
"PT15M",
"PT30M",
"PT1H"
],
"metadata": {
"description": "how often the metric alert is evaluated represented in ISO 8601 duration format"
}
},
"currentDateTimeUtcNow": {
"type": "string",
"defaultValue": "[utcNow()]",
"metadata": {
"description": "The current date and time using the utcNow function. Used for deployment name uniqueness"
}
},
"telemetryOptOut": {
"type": "string",
"defaultValue": "No",
"allowedValues": [
"Yes",
"No"
],
"metadata": {
"description": "The customer usage identifier used for telemetry purposes. The default value of False enables telemetry. The value of True disables telemetry."
}
}
},
"variables": {
"pidDeploymentName": "[take(concat('pid-8bb7cf8a-bcf7-4264-abcb-703ace2fc84d-', uniqueString(resourceGroup().id, parameters('alertName'), parameters('currentDateTimeUtcNow'))), 64)]"
},
"resources": [
{
"type": "Microsoft.Insights/scheduledQueryRules",
"apiVersion": "2021-08-01",
"name": "[parameters('alertName')]",
"location": "[resourceGroup().location]",
"tags": {
"_deployed_by_amba": true
},
"properties": {
"description": "[parameters('alertDescription')]",
"severity": "[parameters('alertSeverity')]",
"enabled": "[parameters('isEnabled')]",
"scopes": [
"[parameters('resourceId')]"
],
"evaluationFrequency": "[parameters('evaluationFrequency')]",
"windowSize": "[parameters('windowSize')]",
"criteria": {
"allOf": [
{
"query": "[parameters('query')]",
"metricMeasureColumn": "[parameters('metricMeasureColumn')]",
"resourceIdColumn": "[parameters('resourceIdColumn')]",
"dimensions": [{"name": "Computer", "operator": "Include", "values": ["*"]}, {"name": "Disk", "operator": "Include", "values": ["*"]}],
"operator": "[parameters('operator')]",
"threshold": "[parameters('threshold')]",
"timeAggregation": "[parameters('timeAggregation')]",
"failingPeriods": {
"numberOfEvaluationPeriods": "[parameters('numberOfEvaluationPeriods')]",
"minFailingPeriodsToAlert": "[parameters('minFailingPeriodsToAlert')]"
}
}
]
},
"muteActionsDuration": "[parameters('muteActionsDuration')]",
"autoMitigate": "[parameters('autoMitigate')]",
"checkWorkspaceAlertsStorageConfigured": "[parameters('checkWorkspaceAlertsStorageConfigured')]"
}
},
{
"condition": "[equals(parameters('telemetryOptOut'), 'No')]",
"apiVersion": "2023-07-01",
"name": "[variables('pidDeploymentName')]",
"type": "Microsoft.Resources/deployments",
"properties": {
"mode": "Incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"resources": []
}
}
}
]
}
@description('Name of the alert')
@minLength(1)
param alertName string
@description('Description of alert')
param alertDescription string = 'Log Alert for Hybrid Machine OS Disk Write Latency (ms)'
@description('Specifies whether the alert is enabled')
param isEnabled bool = true
@description('Specifies whether to check linked storage and fail creation if the storage was not found')
param checkWorkspaceAlertsStorageConfigured bool = false
@description('Full Resource ID of the resource emitting the metric that will be used for the comparison. For example /subscriptions/00000000-0000-0000-0000-0000-00000000/resourceGroups/ResourceGroupName/providers/Microsoft.compute/virtualMachines/VM_xyz')
@minLength(1)
param resourceId string
@description('Mute actions for the chosen period of time (in ISO 8601 duration format) after the alert is fired.')
@allowed([
'PT1M'
'PT5M'
'PT15M'
'PT30M'
'PT1H'
'PT6H'
'PT12H'
'PT24H'
])
param muteActionsDuration string
@description('Severity of alert {0,1,2,3,4}')
@allowed([
0
1
2
3
4
])
param alertSeverity int = 2
@description('Specifies whether the alert will automatically resolve')
param autoMitigate bool = true
@description('Name of the metric used in the comparison to activate the alert.')
@minLength(1)
param query string = 'InsightsMetrics | where _ResourceId has "Microsoft.HybridCompute/machines" | where Origin == "vm.azm.ms" | where Namespace == "LogicalDisk" and Name == "WriteLatencyMs" | extend Disk=tostring(todynamic(Tags)["vm.azm.ms/mountId"]) | where Disk in ("C:","/") | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk'
@description('Name of the measure column used in the alert evaluation.')
param metricMeasureColumn string = 'AggregatedValue'
@description('Name of the resource ID column used in the alert targeting the alerts.')
param resourceIdColumn string = '_ResourceId'
@description('Operator comparing the current value with the threshold value.')
@allowed([
'Equals'
'GreaterThan'
'GreaterThanOrEqual'
'LessThan'
'LessThanOrEqual'
])
param operator string = 'GreaterThan'
@description('The threshold value at which the alert is activated.')
param threshold int = 25
@description('The number of periods to check in the alert evaluation.')
param numberOfEvaluationPeriods int = 1
@description('The number of unhealthy periods to alert on (must be lower or equal to numberOfEvaluationPeriods).')
param minFailingPeriodsToAlert int = 1
@description('How the data that is collected should be combined over time.')
@allowed([
'Average'
'Minimum'
'Maximum'
'Total'
'Count'
])
param timeAggregation string = 'Average'
@description('Period of time used to monitor alert activity based on the threshold. Must be between one minute and one day. ISO 8601 duration format.')
@allowed([
'PT1M'
'PT5M'
'PT15M'
'PT30M'
'PT1H'
'PT6H'
'PT12H'
'PT24H'
'P1D'
])
param windowSize string = 'PT15M'
@description('how often the metric alert is evaluated represented in ISO 8601 duration format')
@allowed([
'PT5M'
'PT15M'
'PT30M'
'PT1H'
])
param evaluationFrequency string = 'PT5M'
@description('"The current date and time using the utcNow function. Used for deployment name uniqueness')
param currentDateTimeUtcNow string = utcNow()
@description('The customer usage identifier used for telemetry purposes. The default value of False enables telemetry. The value of True disables telemetry.')
@allowed([
'Yes'
'No'
])
param telemetryOptOut string = 'No'
resource alert 'Microsoft.Insights/scheduledQueryRules@2021-08-01' = {
name: alertName
location: resourceGroup().location
tags: {
_deployed_by_amba: 'true'
}
properties: {
description: alertDescription
severity: alertSeverity
enabled: isEnabled
scopes: [
resourceId
]
evaluationFrequency: evaluationFrequency
windowSize: windowSize
criteria: {
allOf: [
{
query: query
metricMeasureColumn: metricMeasureColumn
resourceIdColumn: resourceIdColumn
dimensions: [
{
name: 'Computer'
operator: 'Include'
values: ['*']
}
{
name: 'Disk'
operator: 'Include'
values: ['*']
}]
operator: operator
threshold: threshold
timeAggregation: timeAggregation
failingPeriods: {
numberOfEvaluationPeriods: numberOfEvaluationPeriods
minFailingPeriodsToAlert: minFailingPeriodsToAlert
}
}
]
}
muteActionsDuration: muteActionsDuration
autoMitigate: autoMitigate
checkWorkspaceAlertsStorageConfigured: checkWorkspaceAlertsStorageConfigured
}
}
var ambaTelemetryPidName = 'pid-8bb7cf8a-bcf7-4264-abcb-703ace2fc84d-${uniqueString(resourceGroup().id, alertName, currentDateTimeUtcNow)}'
resource ambaTelemetryPid 'Microsoft.Resources/deployments@2023-07-01' = if (telemetryOptOut == 'No') {
name: ambaTelemetryPidName
tags: {
_deployed_by_amba: 'true'
}
properties: {
mode: 'Incremental'
template: {
'$schema': 'https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#'
contentVersion: '1.0.0.0'
resources: []
}
}
}
Hybrid Machine Processor Utilization Percentage - Log Alert
Log Alert for Hybrid Machine Processor Utilization Percentage
Properties:
| autoMitigate | true |
| autoResolve | true |
| autoResolveTime | 0:10:00 |
| dimensions | |
| evaluationFrequency | PT5M |
| failingPeriods | |
| metricMeasureColumn | AggregatedValue |
| operator | GreaterThan |
| query | |
| resouceIdColumn | _ResourceId |
| severity | 2 |
| threshold | 85 |
| timeAggregation | Average |
| windowSize | PT15M |
References:
Templates:
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"alertName": {
"type": "string",
"minLength": 1,
"metadata": {
"description": "Name of the alert"
}
},
"alertDescription": {
"type": "string",
"defaultValue": "Log Alert for Hybrid Machine Processor Utilization Percentage",
"metadata": {
"description": "Description of alert"
}
},
"isEnabled": {
"type": "bool",
"defaultValue": true,
"metadata": {
"description": "Specifies whether the alert is enabled"
}
},
"checkWorkspaceAlertsStorageConfigured": {
"type": "bool",
"defaultValue": false,
"metadata": {
"description": "Specifies whether to check linked storage and fail creation if the storage was not found"
}
},
"resourceId": {
"type": "string",
"minLength": 1,
"metadata": {
"description": "Full Resource ID of the resource emitting the metric that will be used for the comparison. For example /subscriptions/00000000-0000-0000-0000-0000-00000000/resourceGroups/ResourceGroupName/providers/Microsoft.compute/virtualMachines/VM_xyz"
}
},
"muteActionsDuration": {
"type": "string",
"allowedValues": [
"PT1M",
"PT5M",
"PT15M",
"PT30M",
"PT1H",
"PT6H",
"PT12H",
"PT24H"
],
"metadata": {
"description": "Mute actions for the chosen period of time (in ISO 8601 duration format) after the alert is fired."
}
},
"alertSeverity": {
"type": "int",
"defaultValue": 2,
"allowedValues": [
0,
1,
2,
3,
4
],
"metadata": {
"description": "Severity of alert {0,1,2,3,4}"
}
},
"autoMitigate": {
"type": "bool",
"defaultValue": true,
"metadata": {
"description": "Specifies whether the alert will automatically resolve"
}
},
"query": {
"type": "string",
"minLength": 1,
"defaultValue": "InsightsMetrics | where _ResourceId has \"Microsoft.HybridCompute/machines\" | where Origin == \"vm.azm.ms\" | where Namespace == \"Processor\" and Name == \"UtilizationPercentage\" | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId",
"metadata": {
"description": "Name of the metric used in the comparison to activate the alert."
}
},
"metricMeasureColumn": {
"type": "string",
"defaultValue": "AggregatedValue",
"metadata": {
"description": "Name of the measure column used in the alert evaluation."
}
},
"resourceIdColumn": {
"type": "string",
"defaultValue": "_ResourceId",
"metadata": {
"description": "Name of the resource ID column used in the alert targeting the alerts."
}
},
"operator": {
"type": "string",
"defaultValue": "GreaterThan",
"allowedValues": [
"Equals",
"GreaterThan",
"GreaterThanOrEqual",
"LessThan",
"LessThanOrEqual"
],
"metadata": {
"description": "Operator comparing the current value with the threshold value."
}
},
"threshold": {
"type": "string",
"defaultValue": "85",
"metadata": {
"description": "The threshold value at which the alert is activated."
}
},
"numberOfEvaluationPeriods": {
"type": "int",
"defaultValue": 1,
"metadata": {
"description": "The number of periods to check in the alert evaluation."
}
},
"minFailingPeriodsToAlert": {
"type": "int",
"defaultValue": 1,
"metadata": {
"description": "The number of unhealthy periods to alert on (must be lower or equal to numberOfEvaluationPeriods)."
}
},
"timeAggregation": {
"type": "string",
"defaultValue": "Average",
"allowedValues": [
"Average",
"Minimum",
"Maximum",
"Total",
"Count"
],
"metadata": {
"description": "How the data that is collected should be combined over time."
}
},
"windowSize": {
"type": "string",
"defaultValue": "PT15M",
"allowedValues": [
"PT1M",
"PT5M",
"PT15M",
"PT30M",
"PT1H",
"PT6H",
"PT12H",
"PT24H",
"PT1D"
],
"metadata": {
"description": "Period of time used to monitor alert activity based on the threshold. Must be between one minute and one day. ISO 8601 duration format."
}
},
"evaluationFrequency": {
"type": "string",
"defaultValue": "PT5M",
"allowedValues": [
"PT5M",
"PT15M",
"PT30M",
"PT1H"
],
"metadata": {
"description": "how often the metric alert is evaluated represented in ISO 8601 duration format"
}
},
"currentDateTimeUtcNow": {
"type": "string",
"defaultValue": "[utcNow()]",
"metadata": {
"description": "The current date and time using the utcNow function. Used for deployment name uniqueness"
}
},
"telemetryOptOut": {
"type": "string",
"defaultValue": "No",
"allowedValues": [
"Yes",
"No"
],
"metadata": {
"description": "The customer usage identifier used for telemetry purposes. The default value of False enables telemetry. The value of True disables telemetry."
}
}
},
"variables": {
"pidDeploymentName": "[take(concat('pid-8bb7cf8a-bcf7-4264-abcb-703ace2fc84d-', uniqueString(resourceGroup().id, parameters('alertName'), parameters('currentDateTimeUtcNow'))), 64)]"
},
"resources": [
{
"type": "Microsoft.Insights/scheduledQueryRules",
"apiVersion": "2021-08-01",
"name": "[parameters('alertName')]",
"location": "[resourceGroup().location]",
"tags": {
"_deployed_by_amba": true
},
"properties": {
"description": "[parameters('alertDescription')]",
"severity": "[parameters('alertSeverity')]",
"enabled": "[parameters('isEnabled')]",
"scopes": [
"[parameters('resourceId')]"
],
"evaluationFrequency": "[parameters('evaluationFrequency')]",
"windowSize": "[parameters('windowSize')]",
"criteria": {
"allOf": [
{
"query": "[parameters('query')]",
"metricMeasureColumn": "[parameters('metricMeasureColumn')]",
"resourceIdColumn": "[parameters('resourceIdColumn')]",
"dimensions": [{"name": "Computer", "operator": "Include", "values": ["*"]}],
"operator": "[parameters('operator')]",
"threshold": "[parameters('threshold')]",
"timeAggregation": "[parameters('timeAggregation')]",
"failingPeriods": {
"numberOfEvaluationPeriods": "[parameters('numberOfEvaluationPeriods')]",
"minFailingPeriodsToAlert": "[parameters('minFailingPeriodsToAlert')]"
}
}
]
},
"muteActionsDuration": "[parameters('muteActionsDuration')]",
"autoMitigate": "[parameters('autoMitigate')]",
"checkWorkspaceAlertsStorageConfigured": "[parameters('checkWorkspaceAlertsStorageConfigured')]"
}
},
{
"condition": "[equals(parameters('telemetryOptOut'), 'No')]",
"apiVersion": "2023-07-01",
"name": "[variables('pidDeploymentName')]",
"type": "Microsoft.Resources/deployments",
"properties": {
"mode": "Incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"resources": []
}
}
}
]
}
@description('Name of the alert')
@minLength(1)
param alertName string
@description('Description of alert')
param alertDescription string = 'Log Alert for Hybrid Machine Processor Utilization Percentage'
@description('Specifies whether the alert is enabled')
param isEnabled bool = true
@description('Specifies whether to check linked storage and fail creation if the storage was not found')
param checkWorkspaceAlertsStorageConfigured bool = false
@description('Full Resource ID of the resource emitting the metric that will be used for the comparison. For example /subscriptions/00000000-0000-0000-0000-0000-00000000/resourceGroups/ResourceGroupName/providers/Microsoft.compute/virtualMachines/VM_xyz')
@minLength(1)
param resourceId string
@description('Mute actions for the chosen period of time (in ISO 8601 duration format) after the alert is fired.')
@allowed([
'PT1M'
'PT5M'
'PT15M'
'PT30M'
'PT1H'
'PT6H'
'PT12H'
'PT24H'
])
param muteActionsDuration string
@description('Severity of alert {0,1,2,3,4}')
@allowed([
0
1
2
3
4
])
param alertSeverity int = 2
@description('Specifies whether the alert will automatically resolve')
param autoMitigate bool = true
@description('Name of the metric used in the comparison to activate the alert.')
@minLength(1)
param query string = 'InsightsMetrics | where _ResourceId has "Microsoft.HybridCompute/machines" | where Origin == "vm.azm.ms" | where Namespace == "Processor" and Name == "UtilizationPercentage" | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId'
@description('Name of the measure column used in the alert evaluation.')
param metricMeasureColumn string = 'AggregatedValue'
@description('Name of the resource ID column used in the alert targeting the alerts.')
param resourceIdColumn string = '_ResourceId'
@description('Operator comparing the current value with the threshold value.')
@allowed([
'Equals'
'GreaterThan'
'GreaterThanOrEqual'
'LessThan'
'LessThanOrEqual'
])
param operator string = 'GreaterThan'
@description('The threshold value at which the alert is activated.')
param threshold int = 85
@description('The number of periods to check in the alert evaluation.')
param numberOfEvaluationPeriods int = 1
@description('The number of unhealthy periods to alert on (must be lower or equal to numberOfEvaluationPeriods).')
param minFailingPeriodsToAlert int = 1
@description('How the data that is collected should be combined over time.')
@allowed([
'Average'
'Minimum'
'Maximum'
'Total'
'Count'
])
param timeAggregation string = 'Average'
@description('Period of time used to monitor alert activity based on the threshold. Must be between one minute and one day. ISO 8601 duration format.')
@allowed([
'PT1M'
'PT5M'
'PT15M'
'PT30M'
'PT1H'
'PT6H'
'PT12H'
'PT24H'
'P1D'
])
param windowSize string = 'PT15M'
@description('how often the metric alert is evaluated represented in ISO 8601 duration format')
@allowed([
'PT5M'
'PT15M'
'PT30M'
'PT1H'
])
param evaluationFrequency string = 'PT5M'
@description('"The current date and time using the utcNow function. Used for deployment name uniqueness')
param currentDateTimeUtcNow string = utcNow()
@description('The customer usage identifier used for telemetry purposes. The default value of False enables telemetry. The value of True disables telemetry.')
@allowed([
'Yes'
'No'
])
param telemetryOptOut string = 'No'
resource alert 'Microsoft.Insights/scheduledQueryRules@2021-08-01' = {
name: alertName
location: resourceGroup().location
tags: {
_deployed_by_amba: 'true'
}
properties: {
description: alertDescription
severity: alertSeverity
enabled: isEnabled
scopes: [
resourceId
]
evaluationFrequency: evaluationFrequency
windowSize: windowSize
criteria: {
allOf: [
{
query: query
metricMeasureColumn: metricMeasureColumn
resourceIdColumn: resourceIdColumn
dimensions: [
{
name: 'Computer'
operator: 'Include'
values: ['*']
}]
operator: operator
threshold: threshold
timeAggregation: timeAggregation
failingPeriods: {
numberOfEvaluationPeriods: numberOfEvaluationPeriods
minFailingPeriodsToAlert: minFailingPeriodsToAlert
}
}
]
}
muteActionsDuration: muteActionsDuration
autoMitigate: autoMitigate
checkWorkspaceAlertsStorageConfigured: checkWorkspaceAlertsStorageConfigured
}
}
var ambaTelemetryPidName = 'pid-8bb7cf8a-bcf7-4264-abcb-703ace2fc84d-${uniqueString(resourceGroup().id, alertName, currentDateTimeUtcNow)}'
resource ambaTelemetryPid 'Microsoft.Resources/deployments@2023-07-01' = if (telemetryOptOut == 'No') {
name: ambaTelemetryPidName
tags: {
_deployed_by_amba: 'true'
}
properties: {
mode: 'Incremental'
template: {
'$schema': 'https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#'
contentVersion: '1.0.0.0'
resources: []
}
}
}