Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VPNG Ingress Packet Drop Mismatch Alert - Deploy_VPNGw_TunnelIngressPacketDropMismatch

Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VPNG Ingress Packet Drop Mismatch Alert

Azure Monitor Baseline Alerts (AMBA) Policy definition

Alias

Namespace

ResourceType

Path

PathIsDefault

DefaultPath

Modifiable

Microsoft.Insights/metricAlerts/autoMitigate

microsoft.insights

metricalerts

properties.autoMitigate

True

False

Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName

microsoft.insights

metricalerts

properties.criteria.allOf[*].metricName

True

False

Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace

microsoft.insights

metricalerts

properties.criteria.allOf[*].metricNamespace

True

False

Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity

microsoft.insights

metricalerts

properties.criteria.allOf[*].alertSensitivity

True

False

Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert

microsoft.insights

metricalerts

properties.criteria.allOf[*].failingPeriods.minFailingPeriodsToAlert

True

False

Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods

microsoft.insights

metricalerts

properties.criteria.allOf[*].failingPeriods.numberOfEvaluationPeriods

True

False

Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator

microsoft.insights

metricalerts

properties.criteria.allOf[*].operator

True

False

Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation

microsoft.insights

metricalerts

properties.criteria.allOf[*].timeAggregation

True

False

Microsoft.Insights/metricAlerts/enabled

microsoft.insights

metricalerts

properties.enabled

True

False

Microsoft.Insights/metricAlerts/evaluationFrequency

microsoft.insights

metricalerts

properties.evaluationFrequency

True

False

Microsoft.Insights/metricalerts/scopes[*]

microsoft.insights

metricalerts

properties.scopes[*]

True

False

Microsoft.Insights/metricalerts/severity

microsoft.insights

metricalerts

properties.severity

True

False

Microsoft.Insights/metricAlerts/windowSize

microsoft.insights

metricalerts

properties.windowSize

True

False

Rows: 1-1 / 1

Records:

Use the filters above each column to filter and limit table data. Advanced searches can be performed by using the following operators:
<, <=, >, >=, =, *, !, {, }, ||,&&, [empty], [nonempty], rgx:
Learn more

TableFilter v0.7.3

Page of 1

Initiative DisplayName

Initiative Id

Initiative Category

State

Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) for Connectivity - Part #1

Alerting-Connectivity

Monitoring

{

policyType: "Custom",
mode: "All",
displayName: "Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VPNG Ingress Packet Drop Mismatch Alert",
description: "Policy to audit/deploy VPN Gateway Ingress Packet Drop Mismatch Alert",
metadata: {5 items
- version: "1.3.1",
- category: "Network",
- source: "https://github.com/Azure/azure-monitor-baseline-alerts/",
- alzCloudEnvironments: [1 item
  - "AzureCloud"
  ],
- _deployed_by_amba: "True"
},
parameters: {10 items
- severity: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Severity",
    - description: "Severity of the Alert"
    },
  - allowedValues: [5 items
    - "0",
    - "1",
    - "2",
    - "3",
    - "4"
    ],
  - defaultValue: "3"
  },
- windowSize: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Window Size",
    - description: "Window size for the alert"
    },
  - allowedValues: [8 items
    - "PT1M",
    - "PT5M",
    - "PT15M",
    - "PT30M",
    - "PT1H",
    - "PT6H",
    - "PT12H",
    - "P1D"
    ],
  - defaultValue: "PT5M"
  },
- evaluationFrequency: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Evaluation Frequency",
    - description: "Evaluation frequency for the alert"
    },
  - allowedValues: [5 items
    - "PT1M",
    - "PT5M",
    - "PT15M",
    - "PT30M",
    - "PT1H"
    ],
  - defaultValue: "PT5M"
  },
- autoMitigate: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Auto Mitigate",
    - description: "Auto Mitigate for the alert"
    },
  - allowedValues: [2 items
    - "true",
    - "false"
    ],
  - defaultValue: "true"
  },
- enabled: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Alert State",
    - description: "Alert state for the alert"
    },
  - allowedValues: [2 items
    - "true",
    - "false"
    ],
  - defaultValue: "true"
  },
- effect: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect",
    - description: "Effect of the policy"
    },
  - allowedValues: [2 items
    - "deployIfNotExists",
    - "disabled"
    ],
  - defaultValue: "deployIfNotExists"
  },
- failingPeriods: {3 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Failing Periods",
    - description: "Number of failing periods before alert is fired"
    },
  - defaultValue: "4"
  },
- evaluationPeriods: {3 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Evaluation Periods",
    - description: "The number of aggregated lookback points."
    },
  - defaultValue: "4"
  },
- MonitorDisableTagName: {3 items
  - type: "String",
  - metadata: {2 items
    - displayName: "ALZ Monitoring disabled tag name",
    - description: "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled."
    },
  - defaultValue: "MonitorDisable"
  },
- MonitorDisableTagValues: {3 items
  - type: "Array",
  - metadata: {2 items
    - displayName: "ALZ Monitoring disabled tag values(s)",
    - description: "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled."
    },
  - defaultValue: [4 items
    - "true",
    - "Test",
    - "Dev",
    - "Sandbox"
    ]
  }
},
policyRule: {2 items
- if: {1 item
  - allOf: [2 items
    - {2 items
      - field: "type",
      - equals: "microsoft.network/vpngateways"
      },
    - {2 items
      - field: "[ concat( 'tags[ ', parameters('MonitorDisableTagName'), ' ]' ) ]",
      - notIn: "[parameters('MonitorDisableTagValues')]"
      }
    ]
  },
- then: {2 items
  - effect: "[parameters('effect')]",
  - details: {4 items
    - roleDefinitionIds: [1 item
      - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" Contributor
      ],
    - type: "Microsoft.Insights/metricAlerts",
    - existenceCondition: {1 item
      - allOf: [13 items
        {2 items
        field: "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace",
        equals: "microsoft.network/vpngateways"
        },
        {2 items
        field: "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName",
        equals: "TunnelIngressPacketDropTSMismatch"
        },
        {2 items
        field: "Microsoft.Insights/metricalerts/scopes[*]",
        equals: 🔍"[ concat( subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/microsoft.network/vpngateways/', field('fullName') ) ]"
        },
        {2 items
        field: "Microsoft.Insights/metricAlerts/enabled",
        equals: "[parameters('enabled')]"
        },
        {2 items
        field: "Microsoft.Insights/metricAlerts/evaluationFrequency",
        equals: "[parameters('evaluationFrequency')]"
        },
        {2 items
        field: "Microsoft.Insights/metricAlerts/windowSize",
        equals: "[parameters('windowSize')]"
        },
        {2 items
        field: "Microsoft.Insights/metricalerts/severity",
        equals: "[parameters('severity')]"
        },
        {2 items
        field: "Microsoft.Insights/metricAlerts/autoMitigate",
        equals: "[parameters('autoMitigate')]"
        },
        {2 items
        field: "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation",
        equals: "Average"
        },
        {2 items
        field: "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator",
        equals: "GreaterThan"
        },
        {2 items
        field: "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity",
        equals: "Medium"
        },
        {2 items
        field: "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert",
        equals: "[parameters('failingPeriods')]"
        },
        {2 items
        field: "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods",
        equals: "[parameters('evaluationPeriods')]"
        }
        ]
      },
    - deployment: {1 item
      - properties: {3 items
        mode: "incremental",
        template: {5 items
        $schema: "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
        contentVersion: "1.0.0.0",
        parameters: {9 items
        resourceName: {2 items
        type: "String",
        metadata: {2 items
        displayName: "resourceName",
        description: "Name of the resource"
        }
        },
        resourceId: {2 items
        type: "String",
        metadata: {2 items
        displayName: "resourceId",
        description: "Resource ID of the resource emitting the metric that will be used for the comparison"
        }
        },
        severity: {1 item
        type: "String"
        },
        windowSize: {1 item
        type: "String"
        },
        evaluationFrequency: {1 item
        type: "String"
        },
        autoMitigate: {1 item
        type: "String"
        },
        enabled: {1 item
        type: "String"
        },
        failingPeriods: {1 item
        type: "String"
        },
        evaluationPeriods: {1 item
        type: "String"
        }
        },
        variables: {},
        resources: [1 item
        {6 items
        type: "Microsoft.Insights/metricAlerts",
        apiVersion: "2018-03-01",
        name: 🔍"[ concat( parameters('resourceName'), '-TunnelIngressPacketDropTSMismatchAlert' ) ]",
        location: "global",
        tags: {1 item
        _deployed_by_amba: true
        },
        properties: {9 items
        description: "Metric Alert for VPN Gateway tunnel TunnelIngressPacketDropTSMismatch",
        severity: "[parameters('severity')]",
        enabled: "[parameters('enabled')]",
        scopes: [1 item
        "[parameters('resourceId')]"
        ],
        evaluationFrequency: "[parameters('evaluationFrequency')]",
        windowSize: "[parameters('windowSize')]",
        criteria: {2 items
        allOf: [1 item
        {8 items
        alertSensitivity: "Medium",
        failingPeriods: {2 items
        numberOfEvaluationPeriods: "[parameters('evaluationPeriods')]",
        minFailingPeriodsToAlert: "[parameters('failingPeriods')]"
        },
        name: "TunnelIngressPacketDropTSMismatch",
        metricNamespace: "microsoft.network/vpngateways",
        metricName: "TunnelIngressPacketDropTSMismatch",
        operator: "GreaterThan",
        timeAggregation: "Average",
        criterionType: "DynamicThresholdCriterion"
        }
        ],
        odata.type: "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria"
        },
        autoMitigate: "[parameters('autoMitigate')]",
        parameters: {7 items
        severity: {1 item
        value: "[parameters('severity')]"
        },
        windowSize: {1 item
        value: "[parameters('windowSize')]"
        },
        evaluationFrequency: {1 item
        value: "[parameters('evaluationFrequency')]"
        },
        autoMitigate: {1 item
        value: "[parameters('autoMitigate')]"
        },
        enabled: {1 item
        value: "[parameters('enabled')]"
        },
        failingPeriods: {1 item
        value: "[parameters('failingPeriods')]"
        },
        evaluationPeriods: {1 item
        value: "[parameters('evaluationPeriods')]"
        }
        }
        }
        }
        ]
        },
        parameters: {9 items
        resourceName: {1 item
        value: "[field('name')]"
        },
        resourceId: {1 item
        value: "[field('id')]"
        },
        severity: {1 item
        value: "[parameters('severity')]"
        },
        windowSize: {1 item
        value: "[parameters('windowSize')]"
        },
        evaluationFrequency: {1 item
        value: "[parameters('evaluationFrequency')]"
        },
        autoMitigate: {1 item
        value: "[parameters('autoMitigate')]"
        },
        enabled: {1 item
        value: "[parameters('enabled')]"
        },
        failingPeriods: {1 item
        value: "[parameters('failingPeriods')]"
        },
        evaluationPeriods: {1 item
        value: "[parameters('evaluationPeriods')]"
        }
        }
        }
      }
    }
  }
}

}