How to implement Azure Monitoring Alert VM Heartbeat with Log Workspace using Terraform
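I need to implement a series of alerts in Azure Monitor using KQL/Kusto queries. These are very basic, such as heartbeat and free disk space (based on agent output to the Log Workspace).
Looking at the Terraform documentation, I'm not sure which resources to use. I expected that I would need to build the query in one resource first and then build the alert resource. However, looking at the documentation, it seems the query should be added to this resource.
Anyway, it would be great if someone could share an example of implementing Azure Monitor alerts for virtual machines, Win/Linux.
Thanks, UserP. Posting your suggestion as an answer to help other community members.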
azurerm_monitor_scheduled_query_rules_alert - Manages an AlertingAction Scheduled Query Rules resource within Azure Monitor.
# Input variables referenced below
variable "location" {
  type = string
}

variable "prefix" {
  type = string
}

resource "azurerm_resource_group" "example" {
  name     = "monitoring-resources"
  location = "West Europe"
}

resource "azurerm_application_insights" "example" {
  name                = "appinsights"
  location            = var.location
  resource_group_name = azurerm_resource_group.example.name
  application_type    = "web"
}

resource "azurerm_application_insights" "example2" {
  name                = "appinsights2"
  location            = var.location
  resource_group_name = azurerm_resource_group.example.name
  application_type    = "web"
}

# Example: Alerting Action with metric trigger
resource "azurerm_monitor_scheduled_query_rules_alert" "example" {
  name                = format("%s-queryrule", var.prefix)
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name

  action {
    # IDs of the action groups to notify; an empty list notifies nobody
    action_group           = []
    email_subject          = "Email Header"
    custom_webhook_payload = "{}"
  }

  # The resource the query runs against
  data_source_id = azurerm_application_insights.example.id
  description    = "Query results grouped into AggregatedValue; alert when results cross threshold"
  enabled        = true

  # Count all requests with server error result code grouped into 5-minute bins by HTTP operation
  query = <<-QUERY
    requests
    | where tolong(resultCode) >= 500
    | summarize AggregatedValue = count() by operation_Name, bin(timestamp, 5m)
  QUERY

  severity    = 1
  frequency   = 5  # evaluation interval, in minutes
  time_window = 30 # span of data the query covers, in minutes

  trigger {
    operator  = "GreaterThan"
    threshold = 3

    metric_trigger {
      operator            = "GreaterThan"
      threshold           = 1
      metric_trigger_type = "Total"
      metric_column       = "operation_Name"
    }
  }
}
You can refer to azurerm_monitor_scheduled_query_rules_alert and Support alerts based on Log analytics queries.
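The same resource pointed at a Log Analytics workspace for the VM heartbeat case the question asks about, as an added example that is not part of the original answer. The resource names, the workspace name and the e-mail address are placeholders chosen for illustration, and the 5-minute silence threshold is an assumption.

```hcl
# Added example: all names and the e-mail address below are placeholders.
resource "azurerm_resource_group" "hb" {
  name     = "monitoring-resources"
  location = "West Europe"
}

resource "azurerm_log_analytics_workspace" "hb" {
  name                = "vm-logs-workspace"
  location            = azurerm_resource_group.hb.location
  resource_group_name = azurerm_resource_group.hb.name
  sku                 = "PerGB2018"
}

resource "azurerm_monitor_action_group" "hb" {
  name                = "vm-heartbeat-actions"
  resource_group_name = azurerm_resource_group.hb.name
  short_name          = "vmhb"
  email_receiver {
    name          = "ops"
    email_address = "ops@example.com"
  }
}

resource "azurerm_monitor_scheduled_query_rules_alert" "heartbeat" {
  name                = "vm-heartbeat-missing"
  location            = azurerm_resource_group.hb.location
  resource_group_name = azurerm_resource_group.hb.name
  data_source_id      = azurerm_log_analytics_workspace.hb.id # query the workspace, not App Insights
  description         = "A VM seen in the last 30 minutes has sent no heartbeat for over 5 minutes"
  severity            = 1
  frequency           = 5  # minutes between evaluations
  time_window         = 30 # minutes of data the query sees
  # The Heartbeat table is filled by the monitoring agent on Windows and Linux VMs alike.
  query = <<-QUERY
    Heartbeat
    | summarize LastHeartbeat = max(TimeGenerated) by Computer
    | where LastHeartbeat < ago(5m)
  QUERY
  action {
    action_group  = [azurerm_monitor_action_group.hb.id]
    email_subject = "VM heartbeat missing"
  }
  # Number-of-results trigger: fire when the query returns at least one Computer.
  trigger {
    operator  = "GreaterThan"
    threshold = 0
  }
}
```

A VM that stays silent for longer than time_window drops out of the query result and the rule stops firing for it, so choose time_window to cover the longest outage that should keep alerting.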