From 28958c280868b2ab22e91791dd1157738a9de5eb Mon Sep 17 00:00:00 2001 From: Bryan Zabchuk Date: Wed, 4 Oct 2023 15:55:13 -0400 Subject: [PATCH 1/5] Updates to Alert-Details text and included new image, start correcting paths in Policy initiatives. --- docs/content/patterns/alz/Alerts-Details.md | 21 ++++--- .../patterns/alz/Policy-Initiatives.md | 24 ++++---- .../media/AlertDetailsDownloadReference.png | Bin 0 -> 16492 bytes .../Automation/automationAccounts/alerts.yaml | 53 +++++++++--------- 4 files changed, 52 insertions(+), 46 deletions(-) create mode 100644 docs/content/patterns/alz/media/AlertDetailsDownloadReference.png diff --git a/docs/content/patterns/alz/Alerts-Details.md b/docs/content/patterns/alz/Alerts-Details.md index cb1a584a1..abbaa6229 100644 --- a/docs/content/patterns/alz/Alerts-Details.md +++ b/docs/content/patterns/alz/Alerts-Details.md @@ -4,16 +4,20 @@ geekdocCollapseSection: true weight: 30 --- -The following metric alerts have been defined and can deployed within your landing zones via Azure Policy. +Specific alerts for ALZ can be downloaded by clicking on the Download icon (highlighted in red below)in the top right corner of the AMBA documentation. + +![Alert-Details Download icon](media/AlertDetailsDownloadReference.png) + +The best way to see which policy alert rules are part of the ALZ pattern it is best to go to the [Policy-Initiatives](docs/content/patterns/alz/Policy-Initiatives.md) page. The resources, metric alerts and their settings provide you with a starting point to help you address the following monitoring questions: "What should we monitor in Azure?" and "What alert settings should we use?" While they are opinionated settings and they are meant to cover the most common Azure Landing Zone components, we encourage you to adjust these settings to suit your monitoring needs based on how you're using Azure. -If you have suggestions for other resources that should be included please open an Issue on this page providing the Azure resource provider and settings you'd like implemented, we can't promise to implement them all but we will look into it. Or if you'd like to contribute directly, follow the steps on how to contribute [here](../../../contributing/patterns). +If you have suggestions for other resources that should be included please open an Issue on this page providing the Azure resource provider and settings you'd like implemented, we can't promise to implement them all but we will look into it. Or if you'd like to contribute directly, follow the steps on how to contribute [here](../../../contributing/). -## Metric Alerts Settings +## Azure Landing Zone Metric Alerts Settings The values shown for Aggregation, Operator, Threshold, WindowSize, Frequency and Severity have been derived from field experience and what customers have implemented themselves; Alerts are based on Microsoft public guidance where available (indicated by a 'Yes' in the Verified column), and on practical application experience where public guidance is not available (indicated by a 'No' in the Verified column). Links to Product Group guidance can be found in the References column and when no guidance is provided we've provided a link to the description of the Metric on learn.microsoft.com. @@ -22,7 +26,8 @@ The Scope column details where we scoped the alerts as described in [Introductio Only a small number of the resources support metric alert rules scoped at the subscription level and the metric alerts would only apply to resources deployed within the same region. The Support for Multiple Resources column to show which resources support metric alerts being scoped at the subscription level. For a complete list of which resources support metrics alert rules scoped at the subscription level click [here](https://learn.microsoft.com/en-us/azure/azure-monitor/alerts/alerts-types#monitor-multiple-resources). -> **NOTE**: There are hidden columns within the table, to scroll across you need to go to the bottom of the table to scroll and this is a limitation within tables in GitHub. If you have any suggestions to improving this expeirence please do get in touch via a PR or raise an issue, thank you. +> **NOTE**: We have tried to make it so that the table doesn't require a lot of side to side scrolling, but it is still a lot of information, we recommended that you click on the specifc alert name which will take you directly to alert details of that alert. + | AlertName | Component | Metric | Aggregation | Operator | Threshold | WindowSize | Frequency | Severity | Scope | Support for Multiple Resources | Verified | References | |-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------|---------------------------------------------------|-------------|--------------------|------------|------------|-----------|----------|----------|--------------------------------|----------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| @@ -73,9 +78,9 @@ Only a small number of the resources support metric alert rules scoped at the su 1 See "Why are the availability alert thresholds lower than 100% in this solution when the product group documention recommends 100%?" in the [FAQ](FAQ.md) for more details. -## Activity Log Alerts +## Azure Landing Zone Activity Log Alerts -### Activity Log Resource Health +### Azure Landing Zone Activity Log Resource Health Use the following two sections to quickly know when there's a Service Health issue with an Azure resource, saving you the effort of further troubleshooting and allow you to focus on communicating to your user base and/or use these alerts as part of your business continuity actions (remediations). @@ -85,7 +90,7 @@ Use the following two sections to quickly know when there's a Service Health iss -### Service Health Alerts +### Azure Landing Zone Service Health Alerts | Alert Policy Name | Alert Name | PolicyScope | Category | properties.incidentType | Scope | Documented |
References
| |----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------|-----------------|---------------|-------------------------|--------------|------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| @@ -95,7 +100,7 @@ Use the following two sections to quickly know when there's a Service Health iss | [Deploy Service Health Security Advisory Alert](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-activitylog-ServiceHealth-Security.json) | ServiceHealthSecurityIncident | managementGroup | ServiceHealth | Security | Subscription | Yes | [Activity Log Service Notifications](https://learn.microsoft.com/en-us/azure/service-health/alerts-activity-log-service-notifications-portal)
[Best practices for setting up service health alerts](https://www.microsoft.com/en-us/videoplayer/embed/RE2OtUa) | -### Activity Log Administrative +### Azure Landing Zone Activity Log Administrative The following table lists a number of operational Activity Log alerts to alert your team when certain resources have been deleted. diff --git a/docs/content/patterns/alz/Policy-Initiatives.md b/docs/content/patterns/alz/Policy-Initiatives.md index 1230aeedb..51c3a3576 100644 --- a/docs/content/patterns/alz/Policy-Initiatives.md +++ b/docs/content/patterns/alz/Policy-Initiatives.md @@ -14,18 +14,18 @@ This initiative is intended for assignment of policies relevant to networking co | **Policy Name** | **Path to policy json file** | **Policy default effect** | |----------|----------|----------| -| Deploy_ERCIR_QosDropBitsInPerSecond_Alert | [deploy-ercir_qosdropsbitsin_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-ercir_qosdropsbitsin_alert.json) | deployIfNotExists | -| Deploy_ERCIR_QosDropBitsOutPerSecond_Alert | [deploy-ercir_qosdropsbitsout_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-ercir_qosdropsbitsout_alert.json) | deployIfNotExists| -| Deploy_VPNGw_BGPPeerStatus_Alert | [deploy-vpng_bgppeerstatus_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-vpng_bgppeerstatus_alert.json) | deployIfNotExists| -| Deploy_VnetGw_ExpressRouteCpuUtil_Alert | [deploy-vnetg_expressroutecpuutilization_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-vnetg_expressroutecpuutilization_alert.json) | deployIfNotExists| -| Deploy_VnetGw_TunnelBandwidth_Alert | [deploy-vnetg_bandwidthutilization_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-vnetg_bandwidthutilization_alert.json) | deployIfNotExists | -| Deploy_VnetGw_TunnelEgress_Alert | [deploy-vnetg_egress_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-vnetg_egress_alert.json) | disabled| -| Deploy_VnetGw_TunnelIngress_Alert | [deploy-vnetg_ingress_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-vnetg_ingress_alert.json) | disabled | -| Deploy_VPNGw_BandwidthUtil_Alert | [deploy-vpng_bandwidthutilization_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-vpng_bandwidthutilization_alert.json) | deployIfNotExists | -| Deploy_VPNGw_Egress_Alert | [deploy-vpng_egress_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-vpng_egress_alert.json) | disabled | -| Deploy_VPNGw_TunnelEgressPacketDropCount_Alert | [deploy-vpng_egresspacketdropcount_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-vpng_egresspacketdropcount_alert.json) | deployIfNotExists| -| Deploy_VPNGw_TunnelEgressPacketDropMismatch_Alert | [deploy-vpng_egresspacketdropmismatch_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-vpng_egresspacketdropmismatch_alert.json) | deployIfNotExists| -| Deploy_VPNGw_Ingress_Alert | [deploy-vpng_ingress_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-vpng_ingress_alert.json) | disabled | +| Deploy_ERCIR_QosDropBitsInPerSecond_Alert | [deploy-ercir_qosdropsbitsin_alert.json](../blob/main/services/Network/expressRouteCircuits/Deploy-ERCIR-QOSDropsBitsIn-Alert.json) | deployIfNotExists | +| Deploy_ERCIR_QosDropBitsOutPerSecond_Alert | [deploy-ercir_qosdropsbitsout_alert.json](../blob/main/services/Network/expressRouteCircuits/Deploy-ERCIR-QOSDropsBitsOut-Alert.json) | deployIfNotExists| +| Deploy_VPNGw_BGPPeerStatus_Alert | [deploy-vpng_bgppeerstatus_alert.json](../blob/main/services\Network\vpnGateways\Deploy-VPNG-BGPPeerStatus-Alert.json) | deployIfNotExists| +| Deploy_VnetGw_ExpressRouteCpuUtil_Alert | [deploy-vnetg_expressroutecpuutilization_alert.json](../blob/main/services\Network\virtualNetworkGateways\Deploy-VNETG-ERGCPUUtilization-Alert.json) | deployIfNotExists| +| Deploy_VnetGw_TunnelBandwidth_Alert | [deploy-vnetg_bandwidthutilization_alert.json](../blob/main/services\Network\virtualNetworkGateways\Deploy-VNETG-BandwidthUtilization-Alert.json) | deployIfNotExists | +| Deploy_VnetGw_TunnelEgress_Alert | [deploy-vnetg_egress_alert.json](../blob/main/services\Network\virtualNetworkGateways\Deploy-VNETG-Egress-Alert.json) | disabled| +| Deploy_VnetGw_TunnelIngress_Alert | [deploy-vnetg_ingress_alert.json](../blob/main/services\Network\virtualNetworkGateways\Deploy-VNETG-Ingress-Alert.json) | disabled | +| Deploy_VPNGw_BandwidthUtil_Alert | [deploy-vpng_bandwidthutilization_alert.json](../blob/main/services\Network\vpnGateways\Deploy-VPNG-BandwidthUtilization-Alert.json) | deployIfNotExists | +| Deploy_VPNGw_Egress_Alert | [deploy-vpng_egress_alert.json](../blob/main/services\Network\vpnGateways\Deploy-VPNG-Egress-Alert.json) | disabled | +| Deploy_VPNGw_TunnelEgressPacketDropCount_Alert | [deploy-vpng_egresspacketdropcount_alert.json](../blob/main/services\Network\vpnGateways\Deploy-VPNG-EgressPacketDropCount-Alert.json) | deployIfNotExists| +| Deploy_VPNGw_TunnelEgressPacketDropMismatch_Alert | [deploy-vpng_egresspacketdropmismatch_alert.json](../blob/main/services\Network\vpnGateways\Deploy-VPNG-EgressPacketDropMismatch-Alert.json) | deployIfNotExists| +| Deploy_VPNGw_Ingress_Alert | [deploy-vpng_ingress_alert.json](../blob/main/services\Network\vpnGateways\Deploy-VPNG-Ingress-Alert.json) | disabled | | Deploy_VPNGw_TunnelIngressPacketDropCount_Alert | [deploy-vpng_ingresspacketdropcount_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-vpng_ingresspacketdropcount_alert.json) | deployIfNotExists| | Deploy_VPNGw_TunnelIngressPacketDropMismatch_Alert | [deploy-vpng_ingresspacketdropmismatch_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-vpng_ingresspacketdropmismatch_alert.json) | deployIfNotExists | | Deploy_PDNSZ_CapacityUtil_Alert | [deploy-pdnsz_capacityutilization_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-pdnsz_capacityutilization_alert.json) | deployIfNotExists| diff --git a/docs/content/patterns/alz/media/AlertDetailsDownloadReference.png b/docs/content/patterns/alz/media/AlertDetailsDownloadReference.png new file mode 100644 index 0000000000000000000000000000000000000000..6eb37f7c29d75ca0bd218be1cc4b6f3d2e619cfb GIT binary patch literal 16492 zcmYLxV|ZrE(spc4>`XARZCexDwylY6+vdd1#CT%cww@T@>~r>a-X9Bnbyrtw_0?5( z-7Dg!yaXZ~E*uC52%?mvs1gVWc+KB;4j8b%cZ)e5#=j3xXC(#gqgI)ZL_W#aI<2VA9HhqRAv;f~Rt)-O|^=sVH;Ku5W(RTe`w90c7DjPuv2_ z4xKzaJogh9Q~qXoIYZV9Uxb`L90&=b8_{C` zwt7Pv8Cqm1oIg5({^tF+$d~dCC;eR{PuMN)VpUW%>84J=_elkOv~JVtwOCJ@UYU^?xF9hUh|fU+?G24q!Mx%8M1!zi&}% z-b0fTME^535MaAPe;Ad}DYp6d0nEIyU(Wl@`5nn%{wpVMz7|x?e@Iau*@d|OZ5;^( zZzyV^$H|17Kx)5O0=f|P7b#<~Y@hSGuZUMlrSXm?S^w6L|F!BsG_kv|?Revgc-T?D zCQ9Avpg$|EA3;8~zU-x8!R|q=jALTCt7ezawh(IGY@xj2l4mKSW zXoQ_=^sIg;j&3>12L7Gg6^MMKjZURT`%SCdCY@neh{{VIvVZC-pYky!!e{=MU(jBu zWvG{7f#s4}*#+w{?CaI9Z^<-^C58Q@AFfyQL<4vHTc3wTfox>c-Ks&|;iJxhD$W+= z1`Ovb;Rqw4VIj$J^ki82y72I^l$<%qIYtTne;4JK{+Lqv4fx3RNg@Wr9>M+aI|*kh zhDU+Rz}hZT$@j_?=i@p8E|X}R(izAoUb)fc*y3IrM+&Koac4o$T}$X=BH()R6x39^ z!Rk2hI4K6V-F*8?MDUmk!f9djdkq{sz+VG+nIU?eW)k*$y?MyGns9D3EW(=0!Lm}Z z?B>FAK(JQ~4afO3i+_d#m&a}Jj;2sb>IT1zDLoRxtE_BLK(at;tak|QlSmYO9@|Ib ztJYS=g9+^Mor+u{iz3c`TBqk@18r@({L#h_YX-@DER)SG_8i?G7}rt6ek0vIxy#$| z)@gyT-t6T#&9>~Kb=cW4Cgi>lJJyTK(Dng}ZlR|_MjC}Oni4}(qi?--m>&Zc^0pS?pLGB^xR2$icNdk8qq&C?4?HQ$)o8 zgFoV(i@DbpO{R1CwjF~>5}aN_QCJA`JK;)lJKJu@vyY(2{KNhx^n*l@&JbeO_LNGa0g&Hzt_&d8+bR-|Pq&{mUvq0T`RT-dd_w3slw znQ2L)bq@lPYLTUEQ}4DLs&^8%E8iG4)Tu+{^FBOY@vFa2Y#<2!?L>|{CQXQj&g>O!Fz403_Ps$u(?9Ee^34VVCic*y{@YOBBt)%j8-Ht_6o%$`MV2M!3w<+@sT_lT znP-}GpJK=dkGm~eN$H7>ePyAAa|-p7xIS1P*JH%mTkEQb-&aQ!RAblb=--`qPakr! z9yNg9x)kZ%PsjeL!RzeTu&S|5?6M`RkOa47sn2XZ+|a-{mbYDn2L6F6b};Jaa1gsi z^IVOaMeew0h)P^UtrmBsRfS}Xbc&(7pg3=U9yqG=PnXcm3S}CZV91mhq!=XFcvR7j zNuiG%i$)Z&svzc*1y(@Ms>Hs%IP^S{#G#p7lp5W+thr~dw->|yG%!v1TLFNi&Fd#U zpJ1YsE-?(xsXHiWP7Nc*nHt|Wzcq~soeuGChnSEla_W<)HiBela5pcTW2A>da=tM0 z_1&#Kew5EU-mk*9YV*#6U62nNg`F-?stZh*qtOCa5j46P!_kNVGX}*1vn(So%R_P! zZ26IPK5??vg^k6gWGeSUmZaB0WE%P;G|M=zm~6Fz<7J9D#u!;@HX(Ei3P^#u%Q ze#+F3nIG#l2q)kCS$b-INquNOf!Z~s49TE@n?M%nYnrSYduuYTBsZ&8DfzKrAaL%# zIp5-zu(rX4nKbexqa!Oa)h4&cj$)jmNcN!LnTowyiSlPGA=oG*`jrZuj`?&h!?vQ= zPsh_;w`Wm$FEz{|a0Ovdv5u7VF?51U!+=R?H%RPovriid6QhLt3pf-#GM{EGQ*ZBf zS6-EvUc!}-!1J7foeQ)n2HM~+cOTj}hJCPGuUzZ%wc6yeJv^-rbVYN2x^~M7RdQ3A zNrwFhOOxN=b|37($+LMjx(Q|A=d1VFxO4PHhtt#w-9&357HmM9r$ZI$5s*FceJ!i# zJc?UmHhDwI8h{PIwP2Rn3F zuzb)fCgf>#2h6aU6R+mER#FrZaD`_4!Jl!Gx&B~mr>zDVm$q^!0EGew&m#pi;?20W z{eev!+S~)zvWEe$s+Z@=!GxBhUL+?CO0IR=^hK9Z#$l(Z`)<2oofTL>F@A(W>iourFtQoi7G;iojGG-eyYg=rSXEZAjFb!C{GX} zDXzX}=^P}l`(1wAHmq(Bagf;2dd_TGEFH>n9hF_dpuj-5qkMR>P^w6Jt&*v?5Gh)q z^!k{!q0Cd97Q}e^22tZ76krC2J&aNv1D-*LyI-FajgEcf-qW4$J@8ztL&OnBO_D{Q zv)CbB6SPBf4H7;$5v;8;2C%>3>!-Lw>=Y&`9uk@yhr~Y4L;+dqc5ssZ{hxy>yaPfQ zPk}i(+R1V6@V7ub4{uj;3heE$L;=MihXx;6v2~z{Xq<~gJGK~v#R&7WE zq574a5T8l)WnZoy2>`Kvqj?p){>*JNVEffozVoS)SFTx5n3v}cl-1b*oM^uJW%rtb ztyahD{he6?KJ8_z{6roqRB zGTfj&8h^d!a3(fp5iTQ5@7#PziVz#JNd)OL)W4px8=;IP%M{L2cEHONZ@JJ0L1?cy zdZp=vcI2iw`XM+Og-K^>b#KntJ;^D?T$_Kl-2=Mad2?gU?BZV0_;~ZFz11+7Bjr_S znhJ}cSo~3TT-nY0uvWLnRx7h)^+F9)Ig<0cNpW;$&qcDX0Shz#hubHJ{drl^@I~DH ztl8^2GwUIdrt?#Ds>I{S01fl5ou7<{(~WFo#- z&%;p9x9ju?ZcE(*{HD{9j1QVq<*GOhaUM!r;MzJg$8u6}tDYQBO$1J~RvAx=one|j z5#(7(pZwZs{r>B3UjZxqPK|mg8r$FN`+HY$+4u7S8d37ES-jKS z_1xV1DRkc!>8^}b7|vMi?vy*z_8`kt6eV4Z^e3^GTeB7F#+=>qe9Kk&oFj)FKd0o( zMryg_;3_CuaXVm0yG$S`nRQC3m1`Hmk+-9em_5$P>S)Ied)*G_X1IDcoZ_KU%4h|5 zS3M>tn7XypVcg$L)@@p>)oXn_9j}Qvl33x|-?$xCs;k$&s&;emk`dvTWPZ4>T$U;1 zrq{ci+d><<42kn(i&d$tzIZOb9lLSlv}vl~;UifIju_^(%=ok0e#UAeHAgeOs65*m zmU%-Xxn({bbFlDRYSN2}?WK=ywL7~X6*gCWi3XKY@cbGY3`c)R7f#X79zb1C`KUFMzwyZC$P&OE)%ur+)LKo=!WUqIp$P zV7$fe>&=d)1}N*<+Iz0yeIlDyO<3iEX=oPunxOr@2yrwHx63t06~Nth{$bdyZNXm3#BD4n=LIF971Kh{k-O!|# zsA62K6$p3%6TxLYM46DRV(ox=yD0x}Uz=x_y&pgj3Nm+Qs(-B1+t~PFKe#<28|Rr6 z=}`L&zKzB!qa%fNv%0M-V<*0;$&ihYAfdGe+FtkF@+{;$H|$o=5Q zd^m+VMNiBcEukGVhV6Qg>u_T5NvUnR1J5adzV##GPgDdLlj($bT1!r8!==ig3EZ{A z-+$l>=knDn9u$YD^)v)ZU#Qj$rXN97MRwd^ui&VAeHkLda7 zJ#kDKXcQ$In038?d^cjPT4G@Id0dSi^F1Zn@+du^mjX84hNl$dF{mJ8_ z2KR9^J-Hi&7rO%^y>G7D9i$w>aAC6eU#rDG6fvU)2xut6K|{d0;5;MfpD+^8EFv4) zLo0A18+oY8l1e$pOzMBKXYsZz?CP7vSSWr6X|3IO7zqS+#tGDmiKcBld|W{007l5Q zH^F@ZN28ov4U>ieC%vAh(YJJfvcXN==C>6bo~m)>hc+*-IU=l?lHVpPDyShc&wb=p z+YEPB>T>&r({=bBfwp&x{bS`hE_oYunq0h$?{;&kwz4SA9 zEk~B-Zs>M7Uhm0;(GT*_sMoyTXT!R_d$xWEK|o{HxR`A&*fmE|EA6M+Z8dt_ewn%yyGeW5yxSE1@ADMe7MD3lQ=SYhn+<+`8p4a5BCusRIb~v-|qPKIfVCA!{yca(_^+oUoLx=k%VhA zA&(~Pn9^A=A$Ku|iQ4n%5nhk_t$KS}Fv54OxnRO>a=vflwCN3t!QTp4yyaT>QVcEd z4wcI5a?w-cS5!LUpMhRlzfM)bFSx}hi-}SF#Ew_0K+ssO&eu%p3am9=uPrr(+mKR3 zf~L!f#KLzwVPH&t(?WraQpV>qJ9t2*3ENA(=C}+JIfO~wA1*< z%Y?OOm9}A2;fy;T-0YyU+<-@Uz_nB>UO^c(h`xw7yTt zd%9k&Zdv@!MSlcK_MK_6#chokr7w(L=gFGaVQWp-TV7AA$?&=#(c7QL<1uZMqF);+ zr{&!prt77uphpktF$DEW=QkJSOa*bEf=rd_j_xT_TDh)b=A zW8r#h_28PW1SDjp zdQba~a^~_u{Z{;t#iw<4xYT)1dIb=Wz{tP{+BW@G!ts?VIqz6oF1yteRUSekh`w1h z*PE7A-EPN=b^G2bHjgcHc#dejwo=b+sXSZGsEVMan9rX=rhHBQT+AyR-ozMvpi$=CfJ#X)^7);#0Gow^;KWOoqEe6c> z8S0jd&&J`$w#3Fin99mXsU|fmVbF*eKf{=O{x;(hG|c2oE)ntc+k@D_iC z4asRNIlIRmlW`%iiIkMm=TyymPL%7%^*uWOJsX^JG`r=E?LQ8_otof}aH@RvPMv7? z{~}oZ-7Xt<8iZAi*ZaKeMryW@-GtQde!68Y>Pi$Pb0B4gPM)P^f1@}rJYkMzzJ$|a zF;k7<&*?eojEv~iH^zvW#WHYoLyOemAv=_#j|`V!9JXxRAr3!xL#?4$(B}TJmu}k2 z_U>U5bqg5w=`_431lmF=Wc3JODnn0QDUuJ7Y|?5>DK<$?Vxk@__987~b3#W$i7lC( zG?nJnY1KcxiQKk{$HL?1$iLcUZu5vne6(G>Sp^;WwA?H+!TVeC8A$hHNHB$5pE(jV zHC>wWL(#i~pnNLnqo@^t4Tuq;f5S28{xSS??AO{eaDzk2q2JH=G9e^)5V*dn zBPrJ$hs)$)VA}gEBVh$h->{xyDC*s0G#Kxa4(jzEH29DJ`uB#fCA9X&q^F9vTCQ(| z8)C)2d-4acovJ{)UC9hG_NH4Q7B>}Z77T%S)3S-ghXtaN22Q;czbDBpiI0XshsO&YC zD14V5=~l~&ty=fjn#b{n3x?ab6fwBql?WHRALpI^H&?xEgv-)eB}W#CJ( z_=(x35ck(Hbq&#XhzCWNJah%|alD!dJ6T^(kV$u{i*2bvrogrXs)aNySa=R>NPzc? zu;Ak@oo`Eztu2{vQz95fw|&bXh7%hI)L2GQ$mOK$P|G+;FGqQnGk_?5kIHLt%WFW_ zx{Q$Fc+6_|S$SWKI8~d;K>-Q2DH~p7xgcb_gCkasZ?ybacf#L(iXxiuijn^A&Ut#q zG&}#=41dG?>x|7}5hB+8!v{8)XsexS$l-+pGCg)T_w?v_P$f?s{HS_$SJPdH$>x)E zB4v4@4}UVXQXg<)UrZ3qDiTVA%8c`QA`bVSDq7!(o(C@aqwJAB)OcF_`99b@TQKh#62)x>oq+eXNgGXZ}N>GhNnAdinbm`L%`acCqyY`#S3KB zk9dG?z0AJE)Z4wbhI?T0t}sZu$LF{X4-kVB)q#1n}*N){Q}`vv*UVOg{(aW1I++BcoTL4#L2YP7#qRe^*`s_LXvqJ)$3-fzF8#YkIfRMQ|Git3nP6hl7n{XIszm9V&e>xc2L zxW4LCeJ*FC@lqMwm~Uqa9VzFljieiNpKC2W%g7WEA#f9r;`jGT)!OZ^fS|Y!>E#Oz zCP}B%Nqy5m*}E}hEd;&zKVv=x>BQ7UPPgt=3}nug^_4MQrtE|d1gguvf^y{QT|#j_u+iQEjLkfTGP1`Y4oq_p-RAn5dUEJr4Y4EAz9vA|ms)?g+n2cAFB;2QX zCE4&0L4TUNNK5o@DgxZs8I_LC7XLw~dWkxd2w!fY-TkuOmd{QFbc78CdtG=-(BAVgy~sMo4I4) z?5_RHz~9-e7Jt-mv-8gqnB7Rk%qh`%dg;{j675~v~K-`jo4_LuK^L~{2-i`hFH1+*vpMAmT zt{QPItNhrMF|6^zip;U!pQA6QAdHORWh)P)0nL1XJjj2#}#OJ zcZLxqtT5y{SQTI85?7a}<--p<|EzGOMnSr1*UXjG`ko&M3uyCvT_1>xUNbN1iw7CE zt6M4jjXAJKZ=>%)J1`BALpQD0uB0kyo!4Z7_indT8BsUPG7{XBC(q|PWaif1A-xl< z_5H#N1z7-IY)pu(gX36GiM4igH?BB97hWg1aBHJOjdkIEI_-Lx4XT;9Q5Lp;dHHzs zGbigx3%y5?4S?Zf(t#ov9!zu0q1z1QX?@?(wjminI3&=G`gX7cKJB!xr{mMXiYAwY z%zvWR7*4LuAbIu~o}QNGpY*Eg-CDlcp;p1jP!r_aM1zxrhYl(v9|SiAO)ir@VQVcK0-C24Vp?gHI5l{4_#*cmJ{3$8VglZyotLWX_98(tPXyex6l=Pq)j2y z(AkLj;vsgQBU>XyYnFPo5sTGX#O0^W{;;d?p~l_ee&;ohE45{tZr!rYN(&FklL2V;|q< zZQO~xAGmKk^Vmgr*qga3-jVB%@<9?=;W;yeYaU?f5i&eoc;s=Tl2Cc+M%jw{WJt&6 zvfJVYz84ca6;g7Y9zn;t?F9^ts6PeyE%$HBkF!!&$dJKE$GlGTiTDpY>YE*p&W;Jni;)GDKcO?dqda6Hod%%o;V89?(7zX0 zO^><0DY!ELp?no<2S!8Dmd3$FFsBK1NAzXg+Zo_#hbp`I@%W$5DkB79&baTBVxvZY z0xe!w^N1|xrv|MjkKk#5MRz+wqV`ApQfA=Q>Pwyev0e5|iS-AwRj71}lwV!pXvU&n zfjE~q0Q%{q!AAD!g8c0xnBRCkIl!Y52Yf70RvY|@HlrAa1(lq1RR)1KYJ7CUKJ_?|5{|dxY`Ge0Bj?C|ZKOh_?cA%+ z(VbTL(mY(HZg}m0D0Bcv z0L3HId7fOA11bBbp3anDaV*$1?nqiG;2RSv^d@;xVx82FQFRIN zrg@{PCAorE9RaUrSupdTv2YsA_yG(Bi_X)$iZ4#Qek4&o}6{3_U>3d>Dt+cPyA)iU9wxelQeHw;o1N_lOK zv$4a~77>sVtrV}9le97=p~{#Opx%>PjEEHN>DsM+EFZHKFEVZeikMP_493(WL|7Ef zh#q6S0U8&D_%~*I{C$1RT_>Ra81hg1{403c0q6EXK_f8Jw0Fl32j;h(qCdsQBgCtU zl<2r@wA3-U9RkudS{2KbQv_SHrdOy4%9B^?Dt65xy57lwHLq@WCqKxqw%eIsI#r3{ z-dc{a1Y-0%ZjVV@(W#}Ny$c5%yAySO`&eF1r@s5#NK=O_*Qy#{o%CR_%i`&BY?wL2 zDUEfUMGmi&%O5UrNw@f=xTzMgWLNj=CsTz7y724Qf0HzPVpk_CL`dswGD*2BSzGeH zDy}(Gd2chtAf@T1(o9HZVPN>VW(QyMthWh5OMdlwl;kMhyy4uv6Rb#Xx8i}_-(HHXwpKj0Dn19F$^G?@kF!pKJ}Cp(VW*sG#{(94z;!i5 z&W`(zA;vUg^Vdho;*jPXLT2R{$cV>kQ@hVuNJ$DKz)<8JW7ftyl3ft-TP6;g$v!9+ zfL}aYq3W%m`(kks2n|amolyq<=T7)nD>}xF9Ih6cFWU)sb(R*Mh`GQPjmZu zp21$g$LV2@uJarKWmo!M|FYISLfp)E4q0r#jV;PJ!q|gakdQL2FF@dJ_*6hG7Iclz z?|ggXnLu()D+w2IXSY$KvdKPFxrl5#Q(*Fe9L08~Q!42g@1jln`)%&Z#<)5ThFPD0 zRA|T4YkN!1Xvh6FQ%)I)wzJW4sz%Pa#B_h7%%Aq9z#C)bQ28q8$M-whFtK09>8x{I z9?}f{2yd3Vfke|}FFnsxMiuCS)yLIvdosDMB8y}60uDMy2WYl4PaZyvW^dmUi2T%= zHb>0?VWd&bM7k{lqv=$glNm_Wbr2WQ&(D?W@AW^x2XI+!Sn9mV%jp_Zukz8gmXB#0 zf@ma1z&j7{P}D>W8;>5&F*JnGiWwmd*w>t*4AEcCoX`;}&Ybs@PcBc1{UfnHoG24v z;8Vmo6n?vjxpAZiQb5&0SAZXSQ74CtnfN(;P`cp4iAkV8npI(3Fib5++8${jfapBZK6x+naYJ#oqr7xV8}UoQ53geb^2jYNYA znz}pKRo||woH2B%>AOF&PaFWL6-75fL=Mu^w9N-4ZA9)h0Mf3oSX z?~Kdq5pY2oXvkdt)~CetbhKs{PP1vHAlure&eNq%N4`03`UVF14pM-hm#kLfl2G_P z;3{U>NJ#UD>6c{ULC~{Fd<%xOs1kji0mwJ`c^6@6?vZ=V3WHXQM8!TrTxh`6CJ=r9eU=*SE@}b7i+ABEy{pLLBT7}#VgN)HZpTLVYf3@!lS!H zszW%-Ch|&-cT|{;OUbCfz(bDMYuv{-+oV;NC|h<1oo|1F16j?Vv<bYh=o{Kq8}!~6q9>aFS&j&NVZc0KY=*w*9LGUvBb3m zFV4V4lSc8+z2|g!nc7V!RKErLM?==!T((7A5H2}+IqQvlLzGayE}!pgIf3wh8n0t^ zBBPU0mlmRnI4;x2>ztbtmyUZ|Cs>+h8QOFg4G-GeKqnB+6K zC0{Awbw;}+jmN2(66&pYul*UVoPTMW&r~9E*R)ER$J6-aqa{y<(*jnqtF?-56E;xT#4xYD$Tf=GhN4ElTJbt@VR>*BGF}dBBU5D zl_VS!$y`=*YJVmcjHPvy3L`Q#&>O-P_blm(cRvAVN%Ur3ID0qeJGS(QZREzzP&%}p zt1=l3dUL0k($uhB!CV3QHEMBJvGnRG|FctH3(}KzBX&IQW7_e%K&c7gE)j4JoVf&Y zIzv;UI5ej8Bm~^njyTsHi3P;-IIwIx-!Z?pISTlBl$GiuSuv1GEf;yiK7*E7Dc8-d zo#wR-O5Dg=K7}yJTh|?=ft6fb{N`3t+~4loznR!e;C96)D}qJYCyLe9l?3 z`b(Ul3qp(d3)LzuJ(sf~(UFk7pooM&<82ywB5VCuv;M zb%5J9n=M>Xy;u;$`bgc~o!Z+J>C+{`)?v=~-0tvr(XdIee8$pjmS?$|TEXTe=Vkx? z>VictWk4`W-dn`w%bepw*R_M_ZN@mHH{MK3RF|O#=@Nw>+NW%EDofp9I7MYb2@1etMbr|L&svLNI9eKsXnxHIzy9YDbeDNy1B=CDdRw-B5?LyXJ;kIgr7%sQo$eRCkzcR+r@ZrGo7OQd?`IhTI05d*7hHPxu%;$m{`5|SjqAymx85yseOA_vBm+ri&B z%(4u~ZIwgB-k zvu-^V=B}Uhz2*x_IWNGfm1j?Oy1f!+oZhZwKem`QQsni8}Pk^ss z%Tu3zS5&2l1S&Lp6)~pSQ-z598Y@NItZh8g8!!35x4ahXnO0R_OUq3M!6>Uf=4?l< z=&ugzFpL4**7KGocVEO%8kI<+62R4qq1jtGR%H$k8p8rqv%LHLbd5eytU6R`M~k0U z+PEPzSA`Nam~g*&44#X@)h`kFP8>$HOo>NwlPeGQKK6>As8k$fS8ZPh6Q6Remr#q1 z2`W^QW{mh0F}OZE#UUKD8vAkFS04=$?I_)F)Zx;LRrb>WfOi$s#d1niYjI*}7vZLP zE)R>!o0?4SE5!H1qZ%pT}&s9sDD@_|QR}3r33FXt){` zU>>{9cDP?k4%Y`PN*)_ut`V>gFRon9=^ZUkwu-r$9n+n6-yV?NRp*#GQ*R7MkgZaA zh76M@-1?g7SBRrOJr}8872o|{v#Pcs(0H9P+D^Z_cC;0M=43CX6(@zq!f5l@r73{y zHLWf3N2=LNWIeS;{)^XeGCIPS8as!tnyyO>WIwh7cRLyvE?AjtD7Ji2=v()jvP%>-C=1 zw|)eqNoEs)fA@5|a1LkINi|UjK|3kROra`d@?wjO_-n{U1--Pn#|UCa_cs+Z+>YTy$Q0awp_B zmsyF!9^?vS6$nd(Y+MYPe_o_`14WaO|g3Tcg} z8WEuElGovKo^W4QyA`nBDg1-S@w6o`tq%=-K+Q(L<>Vb$9f7MCqgKP~f8UoTU|)lZ z)_k9pkYA@n*8t85vm|B z&zFXLGt;a&=mS=mIn(^yTJhI4H47^NrgFpT%x8X(rz~f;)zdSw^rtJw)->RGD7F*P zo9&LO*t4F5ZC4OZ?+1CQ1SCFsJTXQRWuzC;P$`a#5rdAJ)!nC39wnSxs1B>Obk?`b z?(?+f&rjj+&R2Oxr8bz(FUa(Mv)^pK-EW!4F%2c->_e-knng|_I=a-|3X~~9fwit> zrwCXy9?pl(ndO!^w6i{B60Y0N9+seKZE$**Kiue(ygyW^nLokiP1hc_I&7Utb!u)O zOQ?(G%DIPczCC1r7;0MP9A|@7Jj&LX5pcQQ4m&#*%jTY2bW_4$2I#!(UkvMMTq`QO z=_@R^ZB2di(5sz)2CVQ@WDm39;7s%62$ww5ZGQJnIg6Hk0Q#t}+BK#NN7kgXH#PL4 zN4qgQH6Pb};4~gje(k3UQOM~b9zGse{sNA2au(Vw2AuZwWTQx;mUM zUr+mE+k9im-YR34hnp|Pu;fE)+u{-$|o`{(;x z(@KkR8aa`SvbJC*kd%*Q)tas0>xtDsb0m{50HR;c6$|i$lJ)7Wg8Sq?cK6 zp&H(=9I5dNJU|lDe+3o)0o={E1hncXaGd?wGjdY$I`#v{bgQJiMDwH}KUtisFlYFn zx+uE3oH!+TMdZodfox4;PN|$ATUx(Z;LU-&|rZ1B)w_E>a6vZx~#pRH5M;(ch7oPYD++hnYizHdPakfPnhm$edMJ{KZ5VjdxjKjPTQP697@Z1t zEa!Py`zI-aUd%SJsJdH!LpQm^ShA3^`8+mF0PG*dSQ3uaqxzcN`}5-DkGVaB7zfRJ7Q#bU*Kc9x3~?T`EU2^l?;h~1d`NtId`r;-&)`4-4QD3Vyx! zWHs>TeShR;=;LJtFr3a!F2rgb>oS#Xp+S+7_`0~F+1Awh%W7wX*UA-pCdv)a)c#PbP@+|!A?J2yUhFiM>O)dZ$e`7D9Uv`$%QJTA z*QICvzTosoQ5Cpn$)}>8lwz$^uGO5pI~4Bnlvs;3#&Uc2yb2AupEW=I)+aTV#ZjAI zFyH#_DYd|V-)x|{gpaw}6n-7Eo~AIQ6t59VYOO|3K1Z5TIqmcNmH|NO;R*yoO7FQ*Zo}3kJ4{*IzL$j&^+ohdj~*07AGHb zrYHy&rOymXaKvql|2#bOLcUe%(&%uxrA%Tzh5(BvL3P$jbi;4|{x^!kT;#||tAmZ0 zw$Q$+BP9}o3i3E3DoxFf$Lo85Tq;GS z$*R<8am4tX{C#2$q_S2!ZsJ(wj=bH0=@&%l#{qmkb{Q7?S{>i{G_{ay@b+4e?~Qzh0c}P ztQK(RN-H^zHXe@?n!{>m+hh$Y%EnY)tPaoADVK^}+JtC2y^pVY(2kezyX;sq&?O;A zQNrEj{9G6*S%|u?HY!hZf$DRXd+yNFy7QI|o$$v6K>-r5RB6k;nq(_1*Vj=GnJqR? z6*6l+JO(g@&#Y`kZ*R@!h<0^~R5Wf`=~lnTOb=?_6b4zWiT@m!W?|W`7|&Scrd@b~ zGf|Xj0a|wP*=Pw8W0!(et2@b5eJB?n| zt6JprZ#(nS#%$>=2kFhvlNkPjwvDX1ZKA(1^AL@wQdLGdCUgjkMo6L{upZ|acpmd- z{~#~&ACxHUK|s;;lB9d}o0T9q8QrMbq~Bcz0hUuZUC3fPSmJyV(D>4y$7vFE~R2^wTgDg!)(Na*VR%SCx9 z$POKp_s;jn$%qg2L`P<0Fyy@CQ=)L zwoC06$tg!p#e!8&alRD&Yl^x{|6Riy^Z7YM+eIZ0{hE)8 ztynXZhx%U)H0=CRFB{tXp63RkhxxN{NVopCosKhWa|qtIk0QQ}r==PEBmuzpCWjq^>!FacZQ{*6)v@j^xDdD(v< zD&;X#YSYKAUd%!Z*EtkVrw-MEcr!?#jlb?c5eE0wELl90*c32xVM+v;#~r8JCBr45 z$@H`3>MV_Qu*$H={?al$SCqY_j5#+G38>XJH!0KCcQ_VgQZAoWzod6xTLsyuIG9Oa z-D^=w@UsU z5)dU$x`7`tzK5V!rZYV|SXr$|P-MqDY0sDgw#rVV-ZfbiBlol;RmB_=ykW`+@Z(DK z)7yfJfPi&w21HybQhXGy@4g_&pC4Jj`N3^IOGzf?`s#2)CqRV~aiqqO>2;OyOwz-% z-d$`Z9^sJL7l_YI*x&<|?{vpY2`{a{+Ounh^ z;m`Hh(s9HBna=oHbv|~4o4#^S_&6SO=jH_koeoXgg$24b9&sJ>u$NOH`cq&q2yAsr z^#6y@`uRmn3aif`@~f4qZb&0PZJ)I> ztcgk&wWnpiAKT%>R^Y`5T;hs>%SXIPEL1fSQtH+iELxdNU20fUP?h;CLq^R zOkPzvNA>hgh^Z6H+REx8Br8m Date: Wed, 4 Oct 2023 18:56:32 -0400 Subject: [PATCH 2/5] Updates to alert-details content and update paths in Policy-Initiatives.md to point to new .json paths for services. --- docs/content/patterns/alz/Alerts-Details.md | 4 - .../patterns/alz/Policy-Initiatives.md | 152 +++++++++--------- 2 files changed, 76 insertions(+), 80 deletions(-) diff --git a/docs/content/patterns/alz/Alerts-Details.md b/docs/content/patterns/alz/Alerts-Details.md index 9c7a0a862..b9b33ae78 100644 --- a/docs/content/patterns/alz/Alerts-Details.md +++ b/docs/content/patterns/alz/Alerts-Details.md @@ -15,20 +15,16 @@ The resources, metric alerts and their settings provide you with a starting poin If you have suggestions for other resources that should be included please open an Issue on this page providing the Azure resource provider and settings you'd like implemented, we can't promise to implement them all but we will look into it. Or if you'd like to contribute directly, follow the steps on how to contribute [here](../../../contributing/). - - ## Azure Landing Zone Metric Alerts Settings The values shown for Aggregation, Operator, Threshold, WindowSize, Frequency and Severity have been derived from field experience and what customers have implemented themselves; Alerts are based on Microsoft public guidance where available (indicated by a 'Yes' in the Verified column), and on practical application experience where public guidance is not available (indicated by a 'No' in the Verified column). Links to Product Group guidance can be found in the References column and when no guidance is provided we've provided a link to the description of the Metric on learn.microsoft.com. The Scope column details where we scoped the alerts as described in [Introduction to deploying the ALZ Pattern](../deploy/Introduction-to-deploying-the-ALZ-Pattern). - Only a small number of the resources support metric alert rules scoped at the subscription level and the metric alerts would only apply to resources deployed within the same region. The Support for Multiple Resources column to show which resources support metric alerts being scoped at the subscription level. For a complete list of which resources support metrics alert rules scoped at the subscription level click [here](https://learn.microsoft.com/en-us/azure/azure-monitor/alerts/alerts-types#monitor-multiple-resources). > **NOTE**: We have tried to make it so that the table doesn't require a lot of side to side scrolling, but it is still a lot of information, we recommended that you click on the specifc alert name which will take you directly to alert details of that alert. - {{< alzMetricAlerts >}} 1 See "Why are the availability alert thresholds lower than 100% in this solution when the product group documention recommends 100%?" in the [FAQ](FAQ.md) for more details. diff --git a/docs/content/patterns/alz/Policy-Initiatives.md b/docs/content/patterns/alz/Policy-Initiatives.md index 51c3a3576..2d0e1c48e 100644 --- a/docs/content/patterns/alz/Policy-Initiatives.md +++ b/docs/content/patterns/alz/Policy-Initiatives.md @@ -16,42 +16,42 @@ This initiative is intended for assignment of policies relevant to networking co |----------|----------|----------| | Deploy_ERCIR_QosDropBitsInPerSecond_Alert | [deploy-ercir_qosdropsbitsin_alert.json](../blob/main/services/Network/expressRouteCircuits/Deploy-ERCIR-QOSDropsBitsIn-Alert.json) | deployIfNotExists | | Deploy_ERCIR_QosDropBitsOutPerSecond_Alert | [deploy-ercir_qosdropsbitsout_alert.json](../blob/main/services/Network/expressRouteCircuits/Deploy-ERCIR-QOSDropsBitsOut-Alert.json) | deployIfNotExists| -| Deploy_VPNGw_BGPPeerStatus_Alert | [deploy-vpng_bgppeerstatus_alert.json](../blob/main/services\Network\vpnGateways\Deploy-VPNG-BGPPeerStatus-Alert.json) | deployIfNotExists| -| Deploy_VnetGw_ExpressRouteCpuUtil_Alert | [deploy-vnetg_expressroutecpuutilization_alert.json](../blob/main/services\Network\virtualNetworkGateways\Deploy-VNETG-ERGCPUUtilization-Alert.json) | deployIfNotExists| -| Deploy_VnetGw_TunnelBandwidth_Alert | [deploy-vnetg_bandwidthutilization_alert.json](../blob/main/services\Network\virtualNetworkGateways\Deploy-VNETG-BandwidthUtilization-Alert.json) | deployIfNotExists | -| Deploy_VnetGw_TunnelEgress_Alert | [deploy-vnetg_egress_alert.json](../blob/main/services\Network\virtualNetworkGateways\Deploy-VNETG-Egress-Alert.json) | disabled| -| Deploy_VnetGw_TunnelIngress_Alert | [deploy-vnetg_ingress_alert.json](../blob/main/services\Network\virtualNetworkGateways\Deploy-VNETG-Ingress-Alert.json) | disabled | -| Deploy_VPNGw_BandwidthUtil_Alert | [deploy-vpng_bandwidthutilization_alert.json](../blob/main/services\Network\vpnGateways\Deploy-VPNG-BandwidthUtilization-Alert.json) | deployIfNotExists | -| Deploy_VPNGw_Egress_Alert | [deploy-vpng_egress_alert.json](../blob/main/services\Network\vpnGateways\Deploy-VPNG-Egress-Alert.json) | disabled | -| Deploy_VPNGw_TunnelEgressPacketDropCount_Alert | [deploy-vpng_egresspacketdropcount_alert.json](../blob/main/services\Network\vpnGateways\Deploy-VPNG-EgressPacketDropCount-Alert.json) | deployIfNotExists| -| Deploy_VPNGw_TunnelEgressPacketDropMismatch_Alert | [deploy-vpng_egresspacketdropmismatch_alert.json](../blob/main/services\Network\vpnGateways\Deploy-VPNG-EgressPacketDropMismatch-Alert.json) | deployIfNotExists| -| Deploy_VPNGw_Ingress_Alert | [deploy-vpng_ingress_alert.json](../blob/main/services\Network\vpnGateways\Deploy-VPNG-Ingress-Alert.json) | disabled | -| Deploy_VPNGw_TunnelIngressPacketDropCount_Alert | [deploy-vpng_ingresspacketdropcount_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-vpng_ingresspacketdropcount_alert.json) | deployIfNotExists| -| Deploy_VPNGw_TunnelIngressPacketDropMismatch_Alert | [deploy-vpng_ingresspacketdropmismatch_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-vpng_ingresspacketdropmismatch_alert.json) | deployIfNotExists | -| Deploy_PDNSZ_CapacityUtil_Alert | [deploy-pdnsz_capacityutilization_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-pdnsz_capacityutilization_alert.json) | deployIfNotExists| -| Deploy_PDNSZ_QueryVolume_Alert | [deploy-pdnsz_queryvolume_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-pdnsz_queryvolume_alert.json) | disabled | -| Deploy_PDNSZ_RecordSetCapacity_Alert | [deploy-pdnsz_recordsetcapacity_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-pdnsz_recordsetcapacity_alert.json) | deployIfNotExists | -| Deploy_DNSZ_RegistrationCapacityUtil_Alert | [deploy-pdnsz_registrationcapacityutilization_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-pdnsz_registrationcapacityutilization_alert.json) | deployIfNotExists| -| Deploy_ERGw_ExpressRouteBitsIn_Alert | [deploy-erg_bitsinpersecond_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-erg_bitsinpersecond_alert.json) | disabled| -| Deploy_ERGw_ExpressRouteBitsOut_Alert | [deploy-erg_bitsoutpersecond_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-erg_bitsoutpersecond_alert.json) | disabled| -| Deploy_ERGw_ExpressRouteCpuUtil_Alert | [deploy-erg_expressroutecpuutilization_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-erg_expressroutecpuutilization_alert.json) | deployIfNotExists | -| Deploy_VnetGw_TunnelEgressPacketDropMismatch_Alert | [deploy-vnetg_egresspacketdropmismatch_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-vnetg_egresspacketdropmismatch_alert.json) | deployIfNotExists | -| Deploy_VnetGw_ExpressRouteBitsPerSecond_Alert | [deploy-vnetg_expressroutebitspersecond_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-vnetg_expressroutebitspersecond_alert.json) | deployIfNotExists | -| Deploy_VnetGw_TunnelIngressPacketDropMismatch_Alert | [deploy-vnetg_ingresspacketdropmismatch_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-vnetg_ingresspacketdropmismatch_alert.json) | deployIfNotExists | -| Deploy_VnetGw_TunnelIngressPacketDropCount_Alert | [deploy-vnetg_ingresspacketdropcount_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-vnetg_ingresspacketdropcount_alert.json) | deployIfNotExists | -| Deploy_ERCIR_BgpAvailability_Alert | [deploy-ercir_bgpavailability_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-ercir_bgpavailability_alert.json) | deployIfNotExists | -| Deploy_ERCIR_ArpAvailability_Alert | [deploy-ercir_arpavailability_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-ercir_arpavailability_alert.json) | deployIfNotExists | -| Deploy_AFW_SNATPortUtilization_Alert | [deploy-afw_snatportutilization_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-afw_snatportutilization_alert.json) | deployIfNotExists | -| Deploy_AFW_FirewallHealth_Alert | [deploy-afw_firewallhealth_alert](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-afw_firewallhealth_alert.json) | deployIfNotExists | -| Deploy_PublicIp_BytesInDDoSAttack_Alert | [deploy-pip_bytesinddosattack_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-pip_bytesinddosattack_alert.json) | disabled | -| Deploy_PublicIp_DDoSAttack_Alert | [deploy-pip_ddosattack_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-pip_ddosattack_alert.json) | deployIfNotExists | -| Deploy_PublicIp_PacketsInDDoSAttack_Alert | [deploy-pip_packetsinddos_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-pip_packetsinddos_alert.json) | disabled | -| Deploy_PublicIp_VIPAvailability_Alert | [deploy-pip_vipavailability_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-pip_vipavailability_alert.json) | deployIfNotExists | -| Deploy_VNET_DDoSAttack_Alert | [deploy-vnet_ddosattack_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-vnet_ddosattack_alert.json) | deployIfNotExists | -| Deploy_activitylog_Firewall_Delete | [deploy-activitylog-AzureFirewall-Del.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-activitylog-AzureFirewall-Del.json) | deployIfNotExists | -| Deploy_activitylog_RouteTable_Update | [deploy-activitylog-RouteTable-Update.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-activitylog-RouteTable-Update.json) | deployIfNotExists | -| Deploy_activitylog_NSG_Delete | [deploy-activitylog-NSG-Del.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-activitylog-NSG-Del.json) | deployIfNotExists | -| Deploy_activitylog_VPNGateway_Delete | [deploy-activitylog-VPNGate-Del.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-activitylog-VPNGate-Del.json) | deployIfNotExists | +| Deploy_VPNGw_BGPPeerStatus_Alert | [deploy-vpng_bgppeerstatus_alert.json](../blob/main/services/Network/vpnGateways/Deploy-VPNG-BGPPeerStatus-Alert.json) | deployIfNotExists| +| Deploy_VnetGw_ExpressRouteCpuUtil_Alert | [deploy-vnetg_expressroutecpuutilization_alert.json](../blob/main/services/Network/virtualNetworkGateways/Deploy-VNETG-ERGCPUUtilization-Alert.json) | deployIfNotExists| +| Deploy_VnetGw_TunnelBandwidth_Alert | [deploy-vnetg_bandwidthutilization_alert.json](../blob/main/services/Network/virtualNetworkGateways/Deploy-VNETG-BandwidthUtilization-Alert.json) | deployIfNotExists | +| Deploy_VnetGw_TunnelEgress_Alert | [deploy-vnetg_egress_alert.json](../blob/main/services/Network/virtualNetworkGateways/Deploy-VNETG-Egress-Alert.json) | disabled| +| Deploy_VnetGw_TunnelIngress_Alert | [deploy-vnetg_ingress_alert.json](../blob/main/services/Network/virtualNetworkGateways/Deploy-VNETG-Ingress-Alert.json) | disabled | +| Deploy_VPNGw_BandwidthUtil_Alert | [deploy-vpng_bandwidthutilization_alert.json](../blob/main/services/Network/vpnGateways/Deploy-VPNG-BandwidthUtilization-Alert.json) | deployIfNotExists | +| Deploy_VPNGw_Egress_Alert | [deploy-vpng_egress_alert.json](../blob/main/services/Network/vpnGateways/Deploy-VPNG-Egress-Alert.json) | disabled | +| Deploy_VPNGw_TunnelEgressPacketDropCount_Alert | [deploy-vpng_egresspacketdropcount_alert.json](../blob/main/services/Network/vpnGateways/Deploy-VPNG-EgressPacketDropCount-Alert.json) | deployIfNotExists| +| Deploy_VPNGw_TunnelEgressPacketDropMismatch_Alert | [deploy-vpng_egresspacketdropmismatch_alert.json](../blob/main/services/Network/vpnGateways/Deploy-VPNG-EgressPacketDropMismatch-Alert.json) | deployIfNotExists| +| Deploy_VPNGw_Ingress_Alert | [deploy-vpng_ingress_alert.json](../blob/main/services/Network/vpnGateways/Deploy-VPNG-Ingress-Alert.json) | disabled | +| Deploy_VPNGw_TunnelIngressPacketDropCount_Alert | [deploy-vpng_ingresspacketdropcount_alert.json](../blob/main/services/Network/vpnGateways/Deploy-VPNG-IngressPacketDropCount-Alert.json) | deployIfNotExists| +| Deploy_VPNGw_TunnelIngressPacketDropMismatch_Alert | [deploy-vpng_ingresspacketdropmismatch_alert.json](../blob/main/services/Network/vpnGateways/deploy-vpng_ingresspacketdropmismatch_alert.json) | deployIfNotExists | +| Deploy_PDNSZ_CapacityUtil_Alert | [deploy-pdnsz_capacityutilization_alert.json](../blob/main/services/Network/privateDnsZones/Deploy-PDNSZ_CapacityUtilization_Alert.json) | deployIfNotExists| +| Deploy_PDNSZ_QueryVolume_Alert | [deploy-pdnsz_queryvolume_alert.json](../blob/main/services/Network/privateDnsZones/Deploy-PDNSZ_QueryVolume_Alert.json) | disabled | +| Deploy_PDNSZ_RecordSetCapacity_Alert | [deploy-pdnsz_recordsetcapacity_alert.json](../blob/main/services/Network/privateDnsZones/Deploy-PDNSZ-RecordSetCapacity-Alert.json) | deployIfNotExists | +| Deploy_DNSZ_RegistrationCapacityUtil_Alert | [deploy-pdnsz_registrationcapacityutilization_alert.json](../blob/main/services/Network/privateDnsZones/Deploy-PDNSZ-RegistrationCapacityUtilization-Alert.json) | deployIfNotExists| +| Deploy_ERGw_ExpressRouteBitsIn_Alert | [deploy-erg_bitsinpersecond_alert.json](../blob/main/services/Network/expressRouteGateways/Deploy-ERG-BitsInPerSecond-Alert.json) | disabled| +| Deploy_ERGw_ExpressRouteBitsOut_Alert | [deploy-erg_bitsoutpersecond_alert.json](../blob/main/services/Network/expressRouteGateways/Deploy-ERG-BitsOutPerSecond-Alert.json) | disabled| +| Deploy_ERGw_ExpressRouteCpuUtil_Alert | [deploy-erg_expressroutecpuutilization_alert.json](../blob/main/services/Network/expressRouteGateways/Deploy-ERG-CPUUtilization-Alert.json) | deployIfNotExists | +| Deploy_VnetGw_TunnelEgressPacketDropMismatch_Alert | [deploy-vnetg_egresspacketdropmismatch_alert.json](../blob/main/services/Network/virtualNetworkGateways/Deploy-VNETG-EgressPacketDropMismatch-Alert.json) | deployIfNotExists | +| Deploy_VnetGw_ExpressRouteBitsPerSecond_Alert | [deploy-vnetg_expressroutebitspersecond_alert.json](../blob/main/services/Network/virtualNetworkGateways/Deploy-VNETG-ERGBitsPerSecond-Alert.json) | deployIfNotExists | +| Deploy_VnetGw_TunnelIngressPacketDropMismatch_Alert | [deploy-vnetg_ingresspacketdropmismatch_alert.json](../blob/main/services/Network/virtualNetworkGateways/Deploy-VNETG-IngressPacketDropMismatch-Alert.json) | deployIfNotExists | +| Deploy_VnetGw_TunnelIngressPacketDropCount_Alert | [deploy-vnetg_ingresspacketdropcount_alert.json](../blob/main/services/Network/virtualNetworkGateways/Deploy-VNETG-IngressPacketDropCount-Alert.json) | deployIfNotExists | +| Deploy_ERCIR_BgpAvailability_Alert | [deploy-ercir_bgpavailability_alert.json](../blob/main/services/Network/expressRouteCircuits/Deploy-ERCIR-BGPAvailability-Alert.json) | deployIfNotExists | +| Deploy_ERCIR_ArpAvailability_Alert | [deploy-ercir_arpavailability_alert.json](../blob/main/azure-monitor-baseline-alerts/services/Network/expressRouteCircuits/Deploy-ERCIR-ARPAvailability-Alert.json) | deployIfNotExists | +| Deploy_AFW_SNATPortUtilization_Alert | [deploy-afw_snatportutilization_alert.json](../blob/main/services/Network/azureFirewalls/Deploy-AFW-SNATPortUtilization-Alert.json) | deployIfNotExists | +| Deploy_AFW_FirewallHealth_Alert | [deploy-afw_firewallhealth_alert](../blob/main/services/Network/azureFirewalls/Deploy-AFW-FirewallHealth-Alert.json) | deployIfNotExists | +| Deploy_PublicIp_BytesInDDoSAttack_Alert | [deploy-pip_bytesinddosattack_alert.json](../blob/main/services/Network/publicIPAddresses/Deploy-PIP-BytesInDDOSAttack-Alert.json) | disabled | +| Deploy_PublicIp_DDoSAttack_Alert | [deploy-pip_ddosattack_alert.json](../blob/main/services/Network/publicIPAddresses/Deploy-PIP-DDOSAttack-Alert.json) | deployIfNotExists | +| Deploy_PublicIp_PacketsInDDoSAttack_Alert | [deploy-pip_packetsinddos_alert.json](../blob/main/services/Network/publicIPAddresses/Deploy-PIP-PacketsInDDOS-Alert.json) | disabled | +| Deploy_PublicIp_VIPAvailability_Alert | [deploy-pip_vipavailability_alert.json](../blob/main/services/Network/publicIPAddresses/Deploy-PIP-VIPAvailability-Alert.json) | deployIfNotExists | +| Deploy_VNET_DDoSAttack_Alert | [deploy-vnet_ddosattack_alert.json](../blob/main/services/Network/virtualNetworks/Deploy-VNET-DDOSAttack-Alert.json) | deployIfNotExists | +| Deploy_activitylog_Firewall_Delete | [deploy-activitylog-AzureFirewall-Del.json](../blob/main/services/Network/azureFirewalls/Deploy-ActivityLog-AzureFirewall-Del.json) | deployIfNotExists | +| Deploy_activitylog_RouteTable_Update | [deploy-activitylog-RouteTable-Update.json](../blob/main/services/Network/routeTables/Deploy-ActivityLog-RouteTable-Update.json) | deployIfNotExists | +| Deploy_activitylog_NSG_Delete | [deploy-activitylog-NSG-Del.json](../blob/main/services/Network/networkSecurityGroups/Deploy-ActivityLog-NSG-Del.json) | deployIfNotExists | +| Deploy_activitylog_VPNGateway_Delete | [deploy-activitylog-VPNGate-Del.json](../blob/main/services/Network/vpnGateways/Deploy-ActivityLog-VPNG-Del.json) | deployIfNotExists | ## Management initiative @@ -59,11 +59,11 @@ This initiative is intended for assignment of policies relevant to management co | **Policy Name** | **Path to policy json file** | **Policy default effect** | |----------|----------|----------| -| Deploy_AA_TotalJob_Alert | [deploy-aa_totaljob_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-aa_totaljob_alert.json) | deployIfNotExists | -| Deploy_RecoveryVault_BackupHealth_Alert | [deploy-rv_backuphealth_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-rv_backuphealth_alert.json) | modify | -| Deploy_StorageAccount_Availability_Alert | [deploy-sa_availability_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-sa_availability_alert.json) | deployIfNotExists | -| Deploy_activitylog_LAWorkspace_Delete | [deploy-activitylog-LAWorkspace-Del.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-activitylog-LAWorkspace-Del.json) | deployIfNotExists | -| Deploy_activitylog_LAWorkspace_KeyRegen | [deploy-activitylog-LAWorkspace-ReGen.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-activitylog-LAWorkspace-ReGen.json) | deployIfNotExists | +| Deploy_AA_TotalJob_Alert | [deploy-aa_totaljob_alert.json](../blob/main/services/Automation/automationAccounts/Deploy-AA-TotalJob-Alert.json) | deployIfNotExists | +| Deploy_RecoveryVault_BackupHealth_Alert | [deploy-rv_backuphealth_alert.json](../blob/main/services/RecoveryServices/vaults/Modify-RSV-BackupHealth-Alert.json) | modify | +| Deploy_StorageAccount_Availability_Alert | [deploy-sa_availability_alert.json](../blob/main/services/Storage/storageAccounts/Deploy-SA-Availability-Alert.json) | deployIfNotExists | +| Deploy_activitylog_LAWorkspace_Delete | [deploy-activitylog-LAWorkspace-Del.json](../blob/main/services/OperationalInsights/workspaces/Deploy-ActivityLog-LAWorkspace-Del.json) | deployIfNotExists | +| Deploy_activitylog_LAWorkspace_KeyRegen | [deploy-activitylog-LAWorkspace-ReGen.json](../blob/main/services/OperationalInsights/workspaces/Deploy-ActivityLog-LAWorkspace-KeyRegen.json) | deployIfNotExists | ## Identity initiative @@ -71,11 +71,11 @@ This initiative is intended for assignment of policies relevant to identity comp | **Policy Name** | **Path to policy json file** | **Policy default effect** | |----------|----------|----------| -| Deploy_KeyVault_Requests_Alert | [deploy-kv_requests_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-kv_requests_alert.json) | disabled | -| Deploy_KeyVault_Availability_Alert | [deploy-kv_availability_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-kv_availability_alert.json) | disabled | -| Deploy_KeyVault_Latency_Alert | [deploy-kv_latency_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-kv_latency_alert.json) | disabled | -| Deploy_KeyVault_Capacity_Alert | [deploy-kv_capacity_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-kv_capacity_alert.json) | disabled | -| Deploy_activitylog_KeyVault_Delete | [deploy-activitylog-KeyVault-Del.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-activitylog-KeyVault-Del.json) | deployIfNotExists | +| Deploy_KeyVault_Requests_Alert | [deploy-kv_requests_alert.json](../blob/main/services/KeyVault/vaults/Deploy-KV-Requests-Alert.json | disabled | +| Deploy_KeyVault_Availability_Alert | [deploy-kv_availability_alert.json](../blob/main/services/KeyVault/vaults/Deploy-KV-Availability-Alert.json) | disabled | +| Deploy_KeyVault_Latency_Alert | [deploy-kv_latency_alert.json](../blob/main/services/KeyVault/vaults/Deploy-KV-Latency-Alert.json) | disabled | +| Deploy_KeyVault_Capacity_Alert | [deploy-kv_capacity_alert.json](../blob/main/services/KeyVault/vaults/Deploy-KV-Capacity-Alert.json) | disabled | +| Deploy_activitylog_KeyVault_Delete | [deploy-activitylog-KeyVault-Del.json](../blob/main/services/KeyVault/vaults/Deploy-ActivityLog-KeyVault-Del.json) | deployIfNotExists | ## Landing Zone initiative @@ -83,31 +83,31 @@ This initiative is intended for assignment of policies relevant to a landing zon | **Policy Name** | **Path to policy json file** | **Policy default effect** | |----------|----------|----------| -| Deploy_StorageAccount_Availability_Alert | [deploy-sa_availability_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-sa_availability_alert.json) | deployIfNotExists | -| Deploy_KeyVault_Requests_Alert | [deploy-kv_requests_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-kv_requests_alert.json) | disabled | -| Deploy_KeyVault_Availability_Alert | [deploy-kv_availability_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-kv_availability_alert.json) | deployIfNotExists- | -| Deploy_KeyVault_Latency_Alert | [deploy-kv_latency_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-kv_latency_alert.json) | deployIfNotExists | -| Deploy_KeyVault_Capacity_Alert | [deploy-kv_capacity_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-kv_capacity_alert.json) | deployIfNotExists | -| Deploy_activitylog_KeyVault_Delete | [deploy-activitylog-KeyVault-Del.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-activitylog-KeyVault-Del.json) | deployIfNotExists | -| Deploy_activitylog_RouteTable_Update | [deploy-activitylog-RouteTable-Update.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-activitylog-RouteTable-Update.json) | deployIfNotExists | -| Deploy_activitylog_NSG_Delete | [deploy-activitylog-NSG-Del.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-activitylog-NSG-Del.json) | deployIfNotExists | -| Deploy_PublicIp_BytesInDDoSAttack_Alert | [deploy-pip_bytesinddosattack_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-pip_bytesinddosattack_alert.json) | disabled | -| Deploy_PublicIp_DDoSAttack_Alert | [deploy-pip_ddosattack_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-pip_ddosattack_alert.json) | deployIfNotExists | -| Deploy_PublicIp_PacketsInDDoSAttack_Alert | [deploy-pip_packetsinddos_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-pip_packetsinddos_alert.json) | disabled | -| Deploy_PublicIp_VIPAvailability_Alert | [deploy-pip_vipavailability_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-pip_vipavailability_alert.json) | deployIfNotExists | -| Deploy_VNET_DDoSAttack_Alert | [deploy-vnet_ddosattack_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-vnet_ddosattack_alert.json) | deployIfNotExists | -| Deploy_RecoveryVault_BackupHealthMonitor_Alert | [deploy-rv_backuphealth_monitor.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-rv_backuphealth_monitor.json) | modify | -| Deploy_VM_HeartBeat_Alert | [deploy-vm-HeartBeat_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-vm-HeartBeat_alert.json) | deployIfNotExists | -| Deploy_VM_NetworkIn_Alert | [deploy-vm-NetworkIn_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-vm-NetworkIn_alert.json) | deployIfNotExists | -| Deploy_VM_NetworkOut_Alert | [deploy-vm-NetworkOut_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-vm-NetworkOut_alert.json) | deployIfNotExists | -| Deploy_VM_OSDiskreadLatency_Alert | [deploy-vm-OSDiskreadLatency_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-vm-OSDiskreadLatency_alert.json) | deployIfNotExists | -| Deploy_VM_OSDiskwriteLatency_Alert | [deploy-vm-OSDiskwriteLatency_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-vm-OSDiskwriteLatency_alert.json) | deployIfNotExists | -| Deploy_VM_OSDiskSpace_Alert | [deploy-vm-OSDiskSpace_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-vm-OSDiskSpace_alert.json) | deployIfNotExists | -| Deploy_VM_CPU_Alert | [deploy-vm-PercentCPU_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-vm-PercentCPU_alert.json) | deployIfNotExists | -| Deploy_VM_Memory_Alert | [deploy-vm-PercentMemory_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-vm-PercentMemory_alert.json) | deployIfNotExists | -| Deploy_VM_dataDiskSpace_Alert | [deploy-vm-dataDiskSpace_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-vm-dataDiskSpace_alert.json) | deployIfNotExists | +| Deploy_StorageAccount_Availability_Alert | [deploy-sa_availability_alert.json](../blob/main/services/Storage/storageAccounts/Deploy-SA-Availability-Alert.json) | deployIfNotExists | +| Deploy_KeyVault_Requests_Alert | [deploy-kv_requests_alert.json](../blob/main/services/KeyVault/vaults/Deploy-KV-Requests-Alert.json) | disabled | +| Deploy_KeyVault_Availability_Alert | [deploy-kv_availability_alert.json](../blob/main/services/KeyVault/vaults/Deploy-KV-Availability-Alert.json) | deployIfNotExists- | +| Deploy_KeyVault_Latency_Alert | [deploy-kv_latency_alert.json](../blob/main/services/KeyVault/vaults/Deploy-KV-Latency-Alert.json) | deployIfNotExists | +| Deploy_KeyVault_Capacity_Alert | [deploy-kv_capacity_alert.json](../blob/main/services/KeyVault/vaults/Deploy-KV-Capacity-Alert.json) | deployIfNotExists | +| Deploy_activitylog_KeyVault_Delete | [deploy-activitylog-KeyVault-Del.json](../blob/main/services/KeyVault/vaults/Deploy-ActivityLog-KeyVault-Del.json) | deployIfNotExists | +| Deploy_activitylog_RouteTable_Update | [deploy-activitylog-RouteTable-Update.json](../blob/services/Network/routeTables/Deploy-ActivityLog-RouteTable-Update.json) | deployIfNotExists | +| Deploy_activitylog_NSG_Delete | [deploy-activitylog-NSG-Del.json](../blob/main/services/Network/networkSecurityGroups/Deploy-ActivityLog-NSG-Del.jsonn) | deployIfNotExists | +| Deploy_PublicIp_BytesInDDoSAttack_Alert | [deploy-pip_bytesinddosattack_alert.json](../blob/main/services/Network/publicIPAddresses/Deploy-PIP-BytesInDDOSAttack-Alert.json) | disabled | +| Deploy_PublicIp_DDoSAttack_Alert | [deploy-pip_ddosattack_alert.json](../blob/main/services/Network/publicIPAddresses/Deploy-PIP-DDOSAttack-Alert.json) | deployIfNotExists | +| Deploy_PublicIp_PacketsInDDoSAttack_Alert | [deploy-pip_packetsinddos_alert.json](../blob/main/services/Network/publicIPAddresses/Deploy-PIP-PacketsInDDOS-Alert.json) | disabled | +| Deploy_PublicIp_VIPAvailability_Alert | [deploy-pip_vipavailability_alert.json](../blob/main/services/Network/publicIPAddresses/Deploy-PIP-VIPAvailability-Alert.json) | deployIfNotExists | +| Deploy_VNET_DDoSAttack_Alert | [deploy-vnet_ddosattack_alert.json](../blob/main/services/Network/virtualNetworks/Deploy-VNET-DDOSAttack-Alert.json) | deployIfNotExists | +| Deploy_RecoveryVault_BackupHealthMonitor_Alert | [deploy-rv_backuphealth_monitor.json](../blob/main/services/RecoveryServices/vaults/Modify-RSV-BackupHealth-Alert.json) | modify | +| Deploy_VM_HeartBeat_Alert | [deploy-vm-HeartBeat_alert.json](../blob/main/services/Compute/virtualMachines/Deploy-VM-HeartBeat-Alert.json) | deployIfNotExists | +| Deploy_VM_NetworkIn_Alert | [deploy-vm-NetworkIn_alert.json](../blob/main/services/Compute/virtualMachines/Deploy-VM-NetworkIn-Alert.json) | deployIfNotExists | +| Deploy_VM_NetworkOut_Alert | [deploy-vm-NetworkOut_alert.json](../blob/main/services/Compute/virtualMachines/Deploy-VM-NetworkOut-Alert.json) | deployIfNotExists | +| Deploy_VM_OSDiskreadLatency_Alert | [deploy-vm-OSDiskreadLatency_alert.json](../blob/main/services/Compute/virtualMachines/Deploy-VM-OSDiskReadLatency-Alert.json) | deployIfNotExists | +| Deploy_VM_OSDiskwriteLatency_Alert | [deploy-vm-OSDiskwriteLatency_alert.json](../blob/main/services/Compute/virtualMachines/Deploy-VM-OSDiskWriteLatency-Alert.json) | deployIfNotExists | +| Deploy_VM_OSDiskSpace_Alert | [deploy-vm-OSDiskSpace_alert.json](../blob/main/services/Compute/virtualMachines/Deploy-VM-OSDiskSpace-Alert.json) | deployIfNotExists | +| Deploy_VM_CPU_Alert | [deploy-vm-PercentCPU_alert.json](../blob/main/services/Compute/virtualMachines/Deploy-VM-PercentCPU-Alert.json) | deployIfNotExists | +| Deploy_VM_Memory_Alert | [deploy-vm-PercentMemory_alert.json](../blob/main/services/Compute/virtualMachines/Deploy-VM-PercentMemory-Alert.json) | deployIfNotExists | +| Deploy_VM_dataDiskSpace_Alert | [deploy-vm-dataDiskSpace_alert.json](../blob/main/services/Compute/virtualMachines/Deploy-VM-DataDiskSpace-Alert.json) | deployIfNotExists | | Deploy_VM_dataDiskReadLatency_Alert | [deploy-vm-dataDiskreadLatency_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-vm-dataDiskreadLatency_alert.json) | deployIfNotExists | -| Deploy_VM_dataDiskWriteLatency_Alert | [deploy-vm-dataDiskwriteLatency_alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-vm-dataDiskwriteLatency_alert.json) | deployIfNotExists | +| Deploy_VM_dataDiskWriteLatency_Alert | [deploy-vm-dataDiskwriteLatency_alert.json](../blob/main/services/Compute/virtualMachines/Deploy-VM-DataDiskWriteLatency-Alert.json) | deployIfNotExists | ## Service Health initiative @@ -115,9 +115,9 @@ This initiative is intended for assignment of policies relevant to service healt | **Policy Name** | **Path to policy json file** | **Policy default effect** | |----------|----------|----------| -| Deploy_activitylog_ServiceHealth_SecurityAdvisory | [deploy-activitylog-ServiceHealth-Security.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-activitylog-ServiceHealth-Security.json) | deployIfNotExists | -| Deploy_activitylog_ResourceHealth_Unhealthy_Alert | [deploy-activitylog-ResourceHealth-UnHealthly-alert.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-activitylog-ResourceHealth-UnHealthly-alert.json) | deployIfNotExists | -| Deploy_activitylog_ServiceHealth_HealthAdvisory | [deploy-activitylog-ServiceHealth-Health.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-activitylog-ServiceHealth-Health.json) | deployIfNotExists | -| Deploy_activitylog_ServiceHealth_Incident | [deploy-activitylog-ServiceHealth-Incident.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-activitylog-ServiceHealth-Incident.json) | deployIfNotExists | -| Deploy_activitylog_ServiceHealth_Maintenance | [deploy-activitylog-ServiceHealth-Maintenance.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-activitylog-ServiceHealth-Maintenance.json) | deployIfNotExists | -| Deploy_AlertProcessing_Rule | [deploy-alertprocessingrule-deploy.json](../blob/main/src/resources/Microsoft.Authorization/policyDefinitions/amba/deploy-alertprocessingrule-deploy.json) | deployIfNotExists | +| Deploy_activitylog_ServiceHealth_SecurityAdvisory | [deploy-activitylog-ServiceHealth-Security.json](../blob/main/services/Resources/subscriptions/Deploy-ActivityLog-ServiceHealth-Security.json) | deployIfNotExists | +| Deploy_activitylog_ResourceHealth_Unhealthy_Alert | [deploy-activitylog-ResourceHealth-UnHealthly-alert.json](../blob/main/services/Resources/subscriptions/Deploy-ActivityLog-ResourceHealth-UnHealthly-Alert.json) | deployIfNotExists | +| Deploy_activitylog_ServiceHealth_HealthAdvisory | [deploy-activitylog-ServiceHealth-Health.json](../blob/main/services/Resources/subscriptions/Deploy-ActivityLog-ServiceHealth-Health.json) | deployIfNotExists | +| Deploy_activitylog_ServiceHealth_Incident | [deploy-activitylog-ServiceHealth-Incident.json](../blob/main/services/Resources/subscriptions/Deploy-ActivityLog-ServiceHealth-Incident.json) | deployIfNotExists | +| Deploy_activitylog_ServiceHealth_Maintenance | [deploy-activitylog-ServiceHealth-Maintenance.json](../blob/main/services/Resources/subscriptions/Deploy-ActivityLog-ServiceHealth-Maintenance.json) | deployIfNotExists | +| Deploy_AlertProcessing_Rule | [deploy-alertprocessingrule-deploy.json](../blob/main/services/AlertsManagement/actionRules/Deploy-AlertProcessingRule-Deploy.json) | deployIfNotExists | From b123a25d473a33f02d5fc9bba1655abfb2c52c96 Mon Sep 17 00:00:00 2001 From: Joseph Barnes Date: Wed, 4 Oct 2023 20:31:25 -0500 Subject: [PATCH 3/5] Update alerts.yaml corrected indentation --- .../Automation/automationAccounts/alerts.yaml | 44 +++++++++---------- 1 file changed, 22 insertions(+), 22 deletions(-) diff --git a/services/Automation/automationAccounts/alerts.yaml b/services/Automation/automationAccounts/alerts.yaml index ff55533f7..5ac3b0403 100644 --- a/services/Automation/automationAccounts/alerts.yaml +++ b/services/Automation/automationAccounts/alerts.yaml @@ -4,7 +4,7 @@ verified: false visible: true tags: - - alz + - alz properties: metricName: TotalJob metricNamespace: Microsoft.Automation/automationAccounts @@ -17,9 +17,9 @@ criterionType: StaticThresholdCriterion dimensions: - Status: - operator: Exclude - values: - - Completed + operator: Exclude + values: + - Completed autoMitigate: false references: - name: Azure Automation Azure Monitor Metrics @@ -39,8 +39,8 @@ verified: false visible: false tags: - - auto-generated - - agc-6781 + - auto-generated + - agc-6781 properties: metricName: TotalJob metricNamespace: Microsoft.Automation/automationAccounts @@ -51,10 +51,10 @@ operator: GreaterThan criterionType: StaticThresholdCriterion dimensions: - - name: status - operator: include - values: - - failed + - name: status + operator: include + values: + - failed threshold: 0.0 autoMitigate: false - name: TotalUpdateDeploymentMachineRuns @@ -65,8 +65,8 @@ verified: false visible: false tags: - - auto-generated - - agc-1624 + - auto-generated + - agc-1624 properties: metricName: TotalUpdateDeploymentMachineRuns metricNamespace: Microsoft.Automation/automationAccounts @@ -77,10 +77,10 @@ operator: GreaterThan criterionType: StaticThresholdCriterion dimensions: - - name: status - operator: include - values: - - failed + - name: status + operator: include + values: + - failed threshold: 0.0 autoMitigate: false - name: TotalUpdateDeploymentRuns @@ -89,8 +89,8 @@ verified: false visible: false tags: - - auto-generated - - agc-1216 + - auto-generated + - agc-1216 properties: metricName: TotalUpdateDeploymentRuns metricNamespace: Microsoft.Automation/automationAccounts @@ -101,9 +101,9 @@ operator: GreaterThan criterionType: StaticThresholdCriterion dimensions: - - name: status - operator: include - values: - - failed + - name: status + operator: include + values: + - failed threshold: 0.0 autoMitigate: false From 24295b6e694b4a44f8589966c5a3a83aa4463203 Mon Sep 17 00:00:00 2001 From: Joseph Barnes Date: Wed, 4 Oct 2023 20:33:44 -0500 Subject: [PATCH 4/5] Update alerts.yaml changed multiline description to single line per YAML formatting --- services/Automation/automationAccounts/alerts.yaml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/services/Automation/automationAccounts/alerts.yaml b/services/Automation/automationAccounts/alerts.yaml index 5ac3b0403..142714c8d 100644 --- a/services/Automation/automationAccounts/alerts.yaml +++ b/services/Automation/automationAccounts/alerts.yaml @@ -58,9 +58,7 @@ threshold: 0.0 autoMitigate: false - name: TotalUpdateDeploymentMachineRuns - description: - Total software update deployment machine runs in a software update - deployment run + description: Total software update deployment machine runs in a software update deployment run type: Metric verified: false visible: false From 0473cb43bc4f1530afa3177cf9ac8df7546619ad Mon Sep 17 00:00:00 2001 From: Bryanzab <31073790+bzabber@users.noreply.github.com> Date: Thu, 5 Oct 2023 09:33:52 -0400 Subject: [PATCH 5/5] Update Alerts-Details.md Updated Note based on Joey's comment. --- docs/content/patterns/alz/Alerts-Details.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/content/patterns/alz/Alerts-Details.md b/docs/content/patterns/alz/Alerts-Details.md index b9b33ae78..1e6947db0 100644 --- a/docs/content/patterns/alz/Alerts-Details.md +++ b/docs/content/patterns/alz/Alerts-Details.md @@ -23,7 +23,7 @@ The Scope column details where we scoped the alerts as described in [Introductio Only a small number of the resources support metric alert rules scoped at the subscription level and the metric alerts would only apply to resources deployed within the same region. The Support for Multiple Resources column to show which resources support metric alerts being scoped at the subscription level. For a complete list of which resources support metrics alert rules scoped at the subscription level click [here](https://learn.microsoft.com/en-us/azure/azure-monitor/alerts/alerts-types#monitor-multiple-resources). -> **NOTE**: We have tried to make it so that the table doesn't require a lot of side to side scrolling, but it is still a lot of information, we recommended that you click on the specifc alert name which will take you directly to alert details of that alert. +> **NOTE**: We have tried to make it so that the table doesn't require a lot of side to side scrolling, but it is still a lot of information, we recommended that you click on the specifc alert name which will take you directly to the JSON definition of the alert you're interested in. {{< alzMetricAlerts >}}