From 69fcee4ae5b27987d328c3ea98c31ea072505801 Mon Sep 17 00:00:00 2001 From: Bryan Zabchuk Date: Sat, 30 Sep 2023 09:37:44 -0400 Subject: [PATCH 1/4] Initial References updated for automation accounts, keyvault, AzureFirewall, ER Circuits, ER Gateways, Azure LoadBalancer, VNET Gateways, VPN Gateways, Storage Accounts. --- .../Automation/automationAccounts/alerts.yaml | 3 ++ services/KeyVault/vaults/alerts.yaml | 28 +++++++++++++++++++ services/Network/azureFirewalls/alerts.yaml | 6 ++++ .../Network/expressRouteCircuits/alerts.yaml | 20 +++++++++++++ .../Network/expressRouteGateways/alerts.yaml | 9 ++++++ services/Network/loadBalancers/alerts.yaml | 22 +++++++++++++++ .../virtualNetworkGateways/alerts.yaml | 27 ++++++++++++++++++ services/Network/vpnGateways/alerts.yaml | 26 +++++++++++++++++ services/Storage/storageAccounts/alerts.yaml | 5 ++++ 9 files changed, 146 insertions(+) diff --git a/services/Automation/automationAccounts/alerts.yaml b/services/Automation/automationAccounts/alerts.yaml index 3a38269d5..85acd7324 100644 --- a/services/Automation/automationAccounts/alerts.yaml +++ b/services/Automation/automationAccounts/alerts.yaml @@ -16,6 +16,9 @@ operator: Exclude values: - Completed + references: + - name: Azure Automation Azure Monitor Metrics + url: https://docs.microsoft.com/en-us/azure/azure-monitor/essentials/metrics-supported#microsoftautomationautomationaccounts deployments: - description: Policy to audit/deploy Automation Account TotalJob Alert template: Deploy-AA-TotalJob-Alert.json diff --git a/services/KeyVault/vaults/alerts.yaml b/services/KeyVault/vaults/alerts.yaml index 73b8ad4f3..34f111a15 100644 --- a/services/KeyVault/vaults/alerts.yaml +++ b/services/KeyVault/vaults/alerts.yaml @@ -26,6 +26,13 @@ operator: LessThan threshold: 90 criterionType: StaticThresholdCriterion + references: + - name: Monitoring KeyVault Reference + url: https://docs.microsoft.com/en-us/azure/key-vault/general/monitor-key-vault-reference + - name: Monitoring Microsoft.KeyVault/vaults + url: https://docs.microsoft.com/en-us/azure/key-vault/general/monitor-key-vault + - name: KeyVault Insights Overview + url: https://docs.microsoft.com/en-us/azure/azure-monitor/insights/key-vault-insights-overview deployments: - description: Policy to audit/deploy KeyVault Availability Alert template: Deploy-KV-Availability-Alert.json @@ -42,6 +49,13 @@ operator: GreaterThan threshold: 75 criterionType: StaticThresholdCriterion + references: + - name: Monitoring KeyVault Reference + url: https://docs.microsoft.com/en-us/azure/key-vault/general/monitor-key-vault-reference + - name: Monitoring Microsoft.KeyVault/vaults + url: https://docs.microsoft.com/en-us/azure/key-vault/general/monitor-key-vault + - name: KeyVault Insights Overview + url: https://docs.microsoft.com/en-us/azure/azure-monitor/insights/key-vault-insights-overview deployments: - description: Policy to audit/deploy KeyVault Capacity Alert template: Deploy-KV-Capacity-Alert.json @@ -58,6 +72,13 @@ operator: GreaterThan threshold: 1000 criterionType: StaticThresholdCriterion + references: + - name: Monitoring KeyVault Reference + url: https://docs.microsoft.com/en-us/azure/key-vault/general/monitor-key-vault-reference + - name: Monitoring Microsoft.KeyVault/vaults + url: https://docs.microsoft.com/en-us/azure/key-vault/general/monitor-key-vault + - name: KeyVault Insights Overview + url: https://docs.microsoft.com/en-us/azure/azure-monitor/insights/key-vault-insights-overview deployments: - description: Policy to audit/deploy KeyVault Latency Alert template: Deploy-KV-Latency-Alert.json @@ -77,6 +98,13 @@ failingPeriods: numberOfEvaluationPeriods: 4 minFailingPeriodsToAlert: 4 + references: + - name: Monitoring KeyVault Reference + url: https://docs.microsoft.com/en-us/azure/key-vault/general/monitor-key-vault-reference + - name: Monitoring Microsoft.KeyVault/vaults + url: https://docs.microsoft.com/en-us/azure/key-vault/general/monitor-key-vault + - name: KeyVault Insights Overview + url: https://docs.microsoft.com/en-us/azure/azure-monitor/insights/key-vault-insights-overview deployments: - description: Policy to audit/deploy KeyVault Requests Alert template: Deploy-KV-Requests-Alert.json diff --git a/services/Network/azureFirewalls/alerts.yaml b/services/Network/azureFirewalls/alerts.yaml index 5cc09339a..1bc846513 100644 --- a/services/Network/azureFirewalls/alerts.yaml +++ b/services/Network/azureFirewalls/alerts.yaml @@ -26,6 +26,9 @@ operator: LessThan threshold: 90 criterionType: StaticThresholdCriterion + references: + - name: Overview of Azure Firewall logs and metrics + url: https://docs.microsoft.com/en-us/azure/firewall/logs-and-metrics#metrics deployments: - description: Policy to audit/deploy Azure Firewall FirewallHealth Alert template: Deploy-AFW-FirewallHealth-Alert.json @@ -42,6 +45,9 @@ operator: LessThan threshold: 80 criterionType: StaticThresholdCriterion + references: + - name: Overview of Azure Firewall logs and metrics + url: https://docs.microsoft.com/en-us/azure/firewall/logs-and-metrics#metrics deployments: - description: Policy to audit/deploy Azure Firewall SNATPortUtilization Alert template: Deploy-AFW-SNATPortUtilization-Alert.json diff --git a/services/Network/expressRouteCircuits/alerts.yaml b/services/Network/expressRouteCircuits/alerts.yaml index aa6e59b2f..51ed8a772 100644 --- a/services/Network/expressRouteCircuits/alerts.yaml +++ b/services/Network/expressRouteCircuits/alerts.yaml @@ -11,6 +11,11 @@ operator: LessThan threshold: 90 criterionType: StaticThresholdCriterion + references: + - name: Monitor ExpressRoute Alerts + url: https://docs.microsoft.com/en-us/azure/expressroute/monitor-expressroute#alerts + - name: ExpressRoute KQL Queries + url: https://docs.microsoft.com/en-us/azure/expressroute/monitor-expressroute#sample-kusto-queries deployments: - description: Policy to audit/deploy ExpressRoute Circuits ARP Availability Alert template: Deploy-ERCIR-ARPAvailability-Alert.json @@ -27,6 +32,11 @@ operator: LessThan threshold: 90 criterionType: StaticThresholdCriterion + references: + - name: Monitor ExpressRoute Alerts + url: https://docs.microsoft.com/en-us/azure/expressroute/monitor-expressroute#alerts + - name: ExpressRoute KQL Queries + url: https://docs.microsoft.com/en-us/azure/expressroute/monitor-expressroute#sample-kusto-queries deployments: - description: Policy to audit/deploy ExpressRoute Circuits BGP Availability Alert template: Deploy-ERCIR-BGPAvailability-Alert.json @@ -46,6 +56,11 @@ failingPeriods: numberOfEvaluationPeriods: 4 minFailingPeriodsToAlert: 4 + references: + - name: Monitor ExpressRoute Alerts + url: https://docs.microsoft.com/en-us/azure/expressroute/monitor-expressroute#alerts + - name: ExpressRoute KQL Queries + url: https://docs.microsoft.com/en-us/azure/expressroute/monitor-expressroute#sample-kusto-queries deployments: - description: Policy to audit/deploy ExpressRoute Circuits QosDropBitsInPerSecond Alert template: Deploy-ERCIR-QOSDropsBitsIn-Alert.json @@ -65,6 +80,11 @@ failingPeriods: numberOfEvaluationPeriods: 4 minFailingPeriodsToAlert: 4 + references: + - name: Monitor ExpressRoute Alerts + url: https://docs.microsoft.com/en-us/azure/expressroute/monitor-expressroute#alerts + - name: ExpressRoute KQL Queries + url: https://docs.microsoft.com/en-us/azure/expressroute/monitor-expressroute#sample-kusto-queries deployments: - description: Policy to audit/deploy ExpressRoute Circuits QosDropBitsOutPerSecond Alert template: Deploy-ERCIR-QOSDropsBitsOut-Alert.json diff --git a/services/Network/expressRouteGateways/alerts.yaml b/services/Network/expressRouteGateways/alerts.yaml index e13536e31..df80f4288 100644 --- a/services/Network/expressRouteGateways/alerts.yaml +++ b/services/Network/expressRouteGateways/alerts.yaml @@ -11,6 +11,9 @@ operator: LessThan threshold: 1 criterionType: StaticThresholdCriterion + references: + - name: ExpressRoute Monitoring Metrics Alerts for ExpressRoute Gateways + url: https://learn.microsoft.com/en-us/azure/expressroute/expressroute-monitoring-metrics-alerts#expressroute-gateways deployments: - description: Policy to audit/deploy ER Gateway Connection BitsInPerSecond Alert template: Deploy-ERG-BitsInPerSecond-Alert.json @@ -27,6 +30,9 @@ operator: LessThan threshold: 1 criterionType: StaticThresholdCriterion + references: + - name: ExpressRoute Monitoring Metrics Alerts for ExpressRoute Gateways + url: https://learn.microsoft.com/en-us/azure/expressroute/expressroute-monitoring-metrics-alerts#expressroute-gateways deployments: - description: Policy to audit/deploy ER Gateway Connection BitsOutPerSecond Alert template: Deploy-ERG-BitsOutPerSecond-Alert.json @@ -43,6 +49,9 @@ operator: GreaterThan threshold: 80 criterionType: StaticThresholdCriterion + references: + - name: ExpressRoute Monitoring Metrics Alerts for ExpressRoute Gateways + url: https://learn.microsoft.com/en-us/azure/expressroute/expressroute-monitoring-metrics-alerts#expressroute-gateways deployments: - description: Policy to audit/deploy ER Gateway Express Route CPU Utilization Alert template: Deploy-ERG-CPUUtilization-Alert.json diff --git a/services/Network/loadBalancers/alerts.yaml b/services/Network/loadBalancers/alerts.yaml index 1790fa12b..f056ce4bd 100644 --- a/services/Network/loadBalancers/alerts.yaml +++ b/services/Network/loadBalancers/alerts.yaml @@ -11,6 +11,13 @@ operator: LessThan threshold: 90 criterionType: StaticThresholdCriterion + references: + - name: Azure Monitor supported metrics by resource type - Azure Load Balancer + url: https://learn.microsoft.com/en-us/azure/azure-monitor/reference/supported-metrics/microsoft-network-loadbalancers-metrics + - name: Azure Load Balancer Multi-Demensional-Metrics + url: https://learn.microsoft.com/en-us/azure/load-balancer/load-balancer-standard-diagnostics#multi-dimensional-metrics + - name: Is The Data Path Up and Available for My Load-Balancer + url: https://learn.microsoft.com/en-us/azure/load-balancer/load-balancer-standard-diagnostics#is-the-data-path-up-and-available-for-my-load-balancer-frontend deployments: - description: Policy to audit/deploy Azure Load Balancer Data Path Availability Alert template: Deploy-LB-DatapathAvailability-Alert.json @@ -27,6 +34,9 @@ operator: LessThan threshold: 90 criterionType: StaticThresholdCriterion + references: + - name: Azure Monitor supported metrics by resource type - Azure Load Balancer + url: https://learn.microsoft.com/en-us/azure/azure-monitor/reference/supported-metrics/microsoft-network-loadbalancers-metrics deployments: - description: Policy to audit/deploy Azure Load Balancer Global Backend Availability Alert template: Deploy-LB-GlobalBackendAvailability-Alert.json @@ -43,6 +53,11 @@ operator: LessThan threshold: 90 criterionType: StaticThresholdCriterion + references: + - name: Azure Monitor supported metrics by resource type - Azure Load Balancer + url: https://learn.microsoft.com/en-us/azure/azure-monitor/reference/supported-metrics/microsoft-network-loadbalancers-metrics + - name: Are Backend Instances for my Load-Balancer Responding to Probes + url: https://learn.microsoft.com/en-us/azure/load-balancer/load-balancer-standard-diagnostics#are-the-backend-instances-for-my-load-balancer-responding-to-probes deployments: - description: Policy to audit/deploy Azure Load Balancer Health Probe Status Alert template: Deploy-LB-HealthProbeStatus-Alert.json @@ -59,6 +74,13 @@ operator: GreaterThan threshold: 900 criterionType: StaticThresholdCriterion + references: + - name: Azure Monitor supported metrics by resource type - Azure Load Balancer + url: https://learn.microsoft.com/en-us/azure/azure-monitor/reference/supported-metrics/microsoft-network-loadbalancers-metrics + - name: Load-Balancer Alerts + url: https://learn.microsoft.com/en-us/azure/load-balancer/monitor-load-balancer#alerts + - name: Check My SNAT Port Usage and Allocation + url: https://learn.microsoft.com/en-us/azure/load-balancer/load-balancer-standard-diagnostics#how-do-i-check-my-snat-port-usage-and-allocation deployments: - description: Policy to audit/deploy Azure Load Balancer Used SNAT Ports Alert template: Deploy-LB-UsedSNATPorts-Alert.json diff --git a/services/Network/virtualNetworkGateways/alerts.yaml b/services/Network/virtualNetworkGateways/alerts.yaml index 19b7c83f8..0f531b5ca 100644 --- a/services/Network/virtualNetworkGateways/alerts.yaml +++ b/services/Network/virtualNetworkGateways/alerts.yaml @@ -11,6 +11,9 @@ operator: LessThan threshold: 1 criterionType: StaticThresholdCriterion + references: + - name: Supported metrics for microsoft.network/virtualnetworkgateways + url: https://learn.microsoft.com/en-us/azure/azure-monitor/reference/supported-metrics/microsoft-network-virtualnetworkgateways-metrics deployments: - description: Policy to audit/deploy Virtual Network Gateway Tunnel Bandwidth Alert template: Deploy-VNETG-BandwidthUtilization-Alert.json @@ -27,6 +30,9 @@ operator: LessThan threshold: 1 criterionType: StaticThresholdCriterion + references: + - name: Supported metrics for microsoft.network/virtualnetworkgateways + url: https://learn.microsoft.com/en-us/azure/azure-monitor/reference/supported-metrics/microsoft-network-virtualnetworkgateways-metrics deployments: - description: Policy to audit/deploy Virtual Network Gateway Tunnel Egress Alert template: Deploy-VNETG-Egress-Alert.json @@ -46,6 +52,9 @@ failingPeriods: numberOfEvaluationPeriods: 4 minFailingPeriodsToAlert: 4 + references: + - name: Supported metrics for microsoft.network/virtualnetworkgateways + url: https://learn.microsoft.com/en-us/azure/azure-monitor/reference/supported-metrics/microsoft-network-virtualnetworkgateways-metrics deployments: - description: Policy to audit/deploy Vnet Gateway Egress Packet Drop Count Alert template: Deploy-VNETG-EgressPacketDropCount-Alert.json @@ -65,6 +74,9 @@ failingPeriods: numberOfEvaluationPeriods: 4 minFailingPeriodsToAlert: 4 + references: + - name: Supported metrics for microsoft.network/virtualnetworkgateways + url: https://learn.microsoft.com/en-us/azure/azure-monitor/reference/supported-metrics/microsoft-network-virtualnetworkgateways-metrics deployments: - description: Policy to audit/deploy Vnet Gateway Egress Packet Drop Mismatch Alert template: Deploy-VNETG-EgressPacketDropMismatch-Alert.json @@ -81,6 +93,9 @@ operator: LessThan threshold: 1 criterionType: StaticThresholdCriterion + references: + - name: Supported metrics for microsoft.network/virtualnetworkgateways + url: https://learn.microsoft.com/en-us/azure/azure-monitor/reference/supported-metrics/microsoft-network-virtualnetworkgateways-metrics deployments: - description: Policy to audit/deploy Virtual Network Gateway Express Route Bits Per Second Alert template: Deploy-VNETG-ERGBitsPerSecond-Alert.json @@ -97,6 +112,9 @@ operator: GreaterThan threshold: 80 criterionType: StaticThresholdCriterion + references: + - name: Supported metrics for microsoft.network/virtualnetworkgateways + url: https://learn.microsoft.com/en-us/azure/azure-monitor/reference/supported-metrics/microsoft-network-virtualnetworkgateways-metrics deployments: - description: Policy to audit/deploy Virtual Network Gateway Express Route CPU Utilization template: Deploy-VNETG-ERGCPUUtilization-Alert.json @@ -113,6 +131,9 @@ operator: LessThan threshold: 1 criterionType: StaticThresholdCriterion + references: + - name: Supported metrics for microsoft.network/virtualnetworkgateways + url: https://learn.microsoft.com/en-us/azure/azure-monitor/reference/supported-metrics/microsoft-network-virtualnetworkgateways-metrics deployments: - description: Policy to audit/deploy Virtual Network Gateway Tunnel Ingress Alert template: Deploy-VNETG-Ingress-Alert.json @@ -132,6 +153,9 @@ failingPeriods: numberOfEvaluationPeriods: 4 minFailingPeriodsToAlert: 4 + references: + - name: Supported metrics for microsoft.network/virtualnetworkgateways + url: https://learn.microsoft.com/en-us/azure/azure-monitor/reference/supported-metrics/microsoft-network-virtualnetworkgateways-metrics deployments: - description: Policy to audit/deploy Vnet Gateway Ingress Packet Drop Count Alert template: Deploy-VNETG-IngressPacketDropCount-Alert.json @@ -151,6 +175,9 @@ failingPeriods: numberOfEvaluationPeriods: 4 minFailingPeriodsToAlert: 4 + references: + - name: Supported metrics for microsoft.network/virtualnetworkgateways + url: https://learn.microsoft.com/en-us/azure/azure-monitor/reference/supported-metrics/microsoft-network-virtualnetworkgateways-metrics deployments: - description: Policy to audit/deploy Vnet Gateway Ingress Packet Drop Mismatch Alert template: Deploy-VNETG-IngressPacketDropMismatch-Alert.json diff --git a/services/Network/vpnGateways/alerts.yaml b/services/Network/vpnGateways/alerts.yaml index fed32f907..12d21452d 100644 --- a/services/Network/vpnGateways/alerts.yaml +++ b/services/Network/vpnGateways/alerts.yaml @@ -21,6 +21,11 @@ operator: LessThan threshold: 1 criterionType: StaticThresholdCriterion + references: + - name: Activity Log Service Notifications + url: https://learn.microsoft.com/en-us/azure/service-health/alerts-activity-log-service-notifications-portal + - name: Best practices for setting up service health alerts + url: https://www.microsoft.com/videoplayer/embed/RE2OtUa deployments: - description: Policy to audit/deploy VPN Gateway Bandwidth Utilization Alert template: Deploy-VPNG-BandwidthUtilization-Alert.json @@ -37,6 +42,9 @@ operator: LessThan threshold: 1 criterionType: StaticThresholdCriterion + references: + - name: Supported metrics for microsoft.network/vpngateways + url: https://learn.microsoft.com/en-us/azure/azure-monitor/reference/supported-metrics/microsoft-network-vpngateways-metrics deployments: - description: Policy to audit/deploy VPN Gateway BGP Peer Status Alert template: Deploy-VPNG-BGPPeerStatus-Alert.json @@ -53,6 +61,9 @@ operator: LessThan threshold: 1 criterionType: StaticThresholdCriterion + references: + - name: Supported metrics for microsoft.network/vpngateways + url: https://learn.microsoft.com/en-us/azure/azure-monitor/reference/supported-metrics/microsoft-network-vpngateways-metrics deployments: - description: Policy to audit/deploy VPN Gateway Egress Alert template: Deploy-VPNG-Egress-Alert.json @@ -72,6 +83,9 @@ failingPeriods: numberOfEvaluationPeriods: 4 minFailingPeriodsToAlert: 4 + references: + - name: Supported metrics for microsoft.network/vpngateways + url: https://learn.microsoft.com/en-us/azure/azure-monitor/reference/supported-metrics/microsoft-network-vpngateways-metrics deployments: - description: Policy to audit/deploy VPN Gateway Egress Packet Drop Count Alert template: Deploy-VPNG-EgressPacketDropCount-Alert.json @@ -91,6 +105,9 @@ failingPeriods: numberOfEvaluationPeriods: 4 minFailingPeriodsToAlert: 4 + references: + - name: Supported metrics for microsoft.network/vpngateways + url: https://learn.microsoft.com/en-us/azure/azure-monitor/reference/supported-metrics/microsoft-network-vpngateways-metrics deployments: - description: Policy to audit/deploy VPN Gateway Egress Packet Drop Mismatch Alert template: Deploy-VPNG-EgressPacketDropMismatch-Alert.json @@ -107,6 +124,9 @@ operator: LessThan threshold: 1 criterionType: StaticThresholdCriterion + references: + - name: Supported metrics for microsoft.network/vpngateways + url: https://learn.microsoft.com/en-us/azure/azure-monitor/reference/supported-metrics/microsoft-network-vpngateways-metrics deployments: - description: Policy to audit/deploy VPN Gateway Ingress Alert template: Deploy-VPNG-Ingress-Alert.json @@ -126,6 +146,9 @@ failingPeriods: numberOfEvaluationPeriods: 4 minFailingPeriodsToAlert: 4 + references: + - name: Supported metrics for microsoft.network/vpngateways + url: https://learn.microsoft.com/en-us/azure/azure-monitor/reference/supported-metrics/microsoft-network-vpngateways-metrics deployments: - description: Policy to audit/deploy VPN Gateway Ingress Packet Drop Count Alert template: Deploy-VNETG-IngressPacketDropMismatch-Alert.json @@ -145,6 +168,9 @@ failingPeriods: numberOfEvaluationPeriods: 4 minFailingPeriodsToAlert: 4 + references: + - name: Supported metrics for microsoft.network/vpngateways + url: https://learn.microsoft.com/en-us/azure/azure-monitor/reference/supported-metrics/microsoft-network-vpngateways-metrics deployments: - description: Policy to audit/deploy Vnet Gateway Ingress Packet Drop Mismatch Alert template: Deploy-VNETG-IngressPacketDropMismatch-Alert.json diff --git a/services/Storage/storageAccounts/alerts.yaml b/services/Storage/storageAccounts/alerts.yaml index f965e7d85..c0ef937b2 100644 --- a/services/Storage/storageAccounts/alerts.yaml +++ b/services/Storage/storageAccounts/alerts.yaml @@ -11,6 +11,11 @@ operator: LessThan threshold: 90 criterionType: StaticThresholdCriterion + references: + - name: Monitoring Availability + url: https://learn.microsoft.com/en-us/troubleshoot/azure/azure-storage/storage-monitoring-diagnosing-troubleshooting?toc=%2Fazure%2Fstorage%2Fblobs%2Ftoc.json&tabs=dotnet#monitoring-availability + - name: Supported metrics for Microsoft.Storage/storageAccounts + url: https://learn.microsoft.com/en-us/azure/azure-monitor/reference/supported-metrics/microsoft-storage-storageaccounts-metrics deployments: - description: Policy to audit/deploy SA Availability Alert template: Deploy-SA-Availability-Alert.json From 06c5dbfaa4434a9ffb84e8217db23feebd35560e Mon Sep 17 00:00:00 2001 From: Bryan Zabchuk Date: Sat, 30 Sep 2023 10:35:29 -0400 Subject: [PATCH 2/4] Updated References for: privateDNSZones, PublicIPAddresses, VirtualNetworks, RecoveryServices. --- services/Network/privateDnsZones/alerts.yaml | 12 +++++++++++ .../Network/publicIPAddresses/alerts.yaml | 20 +++++++++++++++++++ services/Network/virtualNetworks/alerts.yaml | 3 +++ services/RecoveryServices/alerts.yaml | 15 ++++++++++++++ services/RecoveryServices/vaults/_index.md | 6 ++++++ 5 files changed, 56 insertions(+) create mode 100644 services/RecoveryServices/alerts.yaml create mode 100644 services/RecoveryServices/vaults/_index.md diff --git a/services/Network/privateDnsZones/alerts.yaml b/services/Network/privateDnsZones/alerts.yaml index 76726d0b4..d38383a48 100644 --- a/services/Network/privateDnsZones/alerts.yaml +++ b/services/Network/privateDnsZones/alerts.yaml @@ -11,6 +11,9 @@ operator: GreaterThanOrEqual threshold: 80 criterionType: StaticThresholdCriterion + references: + - name: Private DNS Alert Metrics + url: https://learn.microsoft.com/en-us/azure/azure-monitor/reference/supported-metrics/microsoft-network-privatednszones-metrics deployments: - description: Policy to audit/deploy Private DNS Zone Capacity Utilization Alert template: Deploy-PDNSZ-CapacityUtilization-Alert.json @@ -27,6 +30,9 @@ operator: GreaterThanOrEqual threshold: 500 criterionType: StaticThresholdCriterion + references: + - name: Private DNS Alert Metrics + url: https://learn.microsoft.com/en-us/azure/azure-monitor/reference/supported-metrics/microsoft-network-privatednszones-metrics deployments: - description: Policy to audit/deploy Private DNS Zone Query Volume Alert template: Deploy-PDNSZ-QueryVolume-Alert.json @@ -43,6 +49,9 @@ operator: GreaterThanOrEqual threshold: 80 criterionType: StaticThresholdCriterion + references: + - name: Private DNS Alert Metrics + url: https://learn.microsoft.com/en-us/azure/azure-monitor/reference/supported-metrics/microsoft-network-privatednszones-metrics deployments: - description: Policy to audit/deploy Private DNS Zone Record Set Capacity Alert template: Deploy-PDNSZ-RecordSetCapacity-Alert.json @@ -59,6 +68,9 @@ operator: GreaterThanOrEqual threshold: 80 criterionType: StaticThresholdCriterion + references: + - name: Private DNS Alert Metrics + url: https://learn.microsoft.com/en-us/azure/azure-monitor/reference/supported-metrics/microsoft-network-privatednszones-metrics deployments: - description: Policy to audit/deploy Private DNS Zone Registration Capacity Utilization Alert template: Deploy-PDNSZ-RegistrationCapacityUtilization-Alert.json diff --git a/services/Network/publicIPAddresses/alerts.yaml b/services/Network/publicIPAddresses/alerts.yaml index f909036f9..22f7fc4a1 100644 --- a/services/Network/publicIPAddresses/alerts.yaml +++ b/services/Network/publicIPAddresses/alerts.yaml @@ -11,6 +11,11 @@ operator: GreaterThan threshold: 8000000 criterionType: StaticThresholdCriterion + references: + - name: Monitor Public IP Addresses + url: https://learn.microsoft.com/en-us/azure/virtual-network/ip-services/monitor-public-ip#alerts + - name: Public IP Addresses Supported Metrics + url: https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/metrics-supported#microsoftnetworkpublicipaddresses deployments: - description: Policy to audit/deploy PIP Bytes in DDoS Attack Alert template: Deploy-PIP-BytesInDDOSAttack-Alert.json @@ -27,6 +32,11 @@ operator: GreaterThan threshold: 0 criterionType: StaticThresholdCriterion + references: + - name: Monitor Public IP Addresses + url: https://learn.microsoft.com/en-us/azure/virtual-network/ip-services/monitor-public-ip#alerts + - name: Public IP Addresses Supported Metrics + url: https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/metrics-supported#microsoftnetworkpublicipaddresses deployments: - description: Policy to audit/deploy PIP DDoS Attack Alert template: Deploy-PIP-DDOSAttack-Alert.json @@ -43,6 +53,11 @@ operator: GreaterThanOrEqual threshold: 40000 criterionType: StaticThresholdCriterion + references: + - name: Monitor Public IP Addresses + url: https://learn.microsoft.com/en-us/azure/virtual-network/ip-services/monitor-public-ip#alerts + - name: Public IP Addresses Supported Metrics + url: https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/metrics-supported#microsoftnetworkpublicipaddresses deployments: - description: Policy to audit/deploy PIP Packets in DDoS Attack Alert template: Deploy-PIP-PacketsInDDOS-Alert.json @@ -59,6 +74,11 @@ operator: LessThan threshold: 90 criterionType: StaticThresholdCriterion + references: + - name: Monitor Public IP Addresses + url: https://learn.microsoft.com/en-us/azure/virtual-network/ip-services/monitor-public-ip#alerts + - name: Public IP Addresses Supported Metrics + url: https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/metrics-supported#microsoftnetworkpublicipaddresses deployments: - description: Policy to audit/deploy PIP VIP Availability Alert template: Deploy-PIP-VIPAvailability-Alert.json diff --git a/services/Network/virtualNetworks/alerts.yaml b/services/Network/virtualNetworks/alerts.yaml index 4b0cf9139..d610f8ded 100644 --- a/services/Network/virtualNetworks/alerts.yaml +++ b/services/Network/virtualNetworks/alerts.yaml @@ -11,6 +11,9 @@ operator: GreaterThan threshold: 0 criterionType: StaticThresholdCriterion + references: + - name: Supported metrics for Microsoft.Network/virtualNetworks + url: https://learn.microsoft.com/en-us/azure/azure-monitor/reference/supported-metrics/microsoft-network-virtualnetworks-metrics deployments: - description: Policy to audit/deploy Virtual Network DDoS Attack Alert template: Deploy-VNET-DDOSAttack-Alert.json diff --git a/services/RecoveryServices/alerts.yaml b/services/RecoveryServices/alerts.yaml new file mode 100644 index 000000000..9f72b0ce5 --- /dev/null +++ b/services/RecoveryServices/alerts.yaml @@ -0,0 +1,15 @@ +- name: Deploy RV Backup Health Monitoring Alerts + description: Deploy RecoveryVault BackupHealthMonitor Alert + type: Microsoft.RecoveryServices/vaults/monitoringSettings.azureMonitorAlertSettings + properties: + category: Site Recovery + operationName: Microsoft.RecoveryServices/vaults/monitoringSettings.azureMonitorAlertSettings.alertsForAllJobFailures" + status: [ Enabled ] + references: + - name: Azure Monitor Alerts for Azure Backup + url: https://learn.microsoft.com/azure/service-health/alerts-activity-log-service-notifications-portal + - name: Move to Azure Monitor Alerts + url: https://learn.microsoft.com/en-us/azure/backup/move-to-azure-monitor-alerts + deployments: + - description: Policy to audit/update Recovery Vault Backup Health Alerting to Azure monitor alerts + template: Modify-RSV-BackupHealth-Alert.json \ No newline at end of file diff --git a/services/RecoveryServices/vaults/_index.md b/services/RecoveryServices/vaults/_index.md new file mode 100644 index 000000000..5605295ef --- /dev/null +++ b/services/RecoveryServices/vaults/_index.md @@ -0,0 +1,6 @@ +--- +title: Recovery Services Vaults +geekdocCollapseSection: true +--- + +{{< alertList name="alertList" >}} \ No newline at end of file From 1333b962c21e84ce97222c9af60cab3cb38511e8 Mon Sep 17 00:00:00 2001 From: Bryan Zabchuk Date: Sat, 30 Sep 2023 11:06:53 -0400 Subject: [PATCH 3/4] resolving _index.md conflict for vaults. --- services/RecoveryServices/vaults/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/RecoveryServices/vaults/_index.md b/services/RecoveryServices/vaults/_index.md index 5605295ef..cf15df754 100644 --- a/services/RecoveryServices/vaults/_index.md +++ b/services/RecoveryServices/vaults/_index.md @@ -1,5 +1,5 @@ --- -title: Recovery Services Vaults +title: vaults geekdocCollapseSection: true --- From 0687c1e42e6da6ec52fe63e24ef485a209ee100f Mon Sep 17 00:00:00 2001 From: Joseph Barnes Date: Sat, 30 Sep 2023 10:58:39 -0500 Subject: [PATCH 4/4] Update _index.md --- services/RecoveryServices/vaults/_index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/services/RecoveryServices/vaults/_index.md b/services/RecoveryServices/vaults/_index.md index cf15df754..5bf3ae08e 100644 --- a/services/RecoveryServices/vaults/_index.md +++ b/services/RecoveryServices/vaults/_index.md @@ -1,6 +1,6 @@ --- -title: vaults +title: Vaults geekdocCollapseSection: true --- -{{< alertList name="alertList" >}} \ No newline at end of file +{{< alertList name="alertList" >}}