How do I get V1 (APIVersion 2018-04-16) scheduled query log alert details using Get-AzScheduledQueryRule
I am using the PowerShell command Get-AzScheduledQueryRule to get details of the various log based alerts we have deployed within Azure. This command works fine for V2 based log alerts and I am able to view details such as Action Custom Properties. The problem I have is with older V1 log based alerts created using API Version 2018-04-16, as although I am able to see certain alert details such as name, description etc. I cannot see the json payload details which is the information I need.
I have tried other PowerShell commands, get-azalert but that is for legacy classic alerts and not the ones I'm looking for.
The Get-AzScheduledQueryRule command is used to manage V2 log alerts in Azure. It is incompatible with older V1 log alerts created with API Version 2018-04-16.
You must use the REST API to view the JSON payload details of older V1 log alerts. You can use the REST API to perform log search queries in Log Analytics and retrieve the JSON payload details of older V1 log alerts.
Refer MSDoc.
Request: GET
URL: https://management.azure.com/subscriptions/subscriptionID/resourcegroups/resourcegroup/providers/Microsoft.Insights/scheduledQueryRules/test-rule?api-version=2018-04-16
Output:
Alternatively, you can use get-AZresource command with the resourceID and API version parameters to retrieve any Azure resource information.
I provided the below command with the query alert rule resourceID and retrieved the expected results.
Get-AzResource -ResourceId /subscriptions/subscriptionID/resourceGroups/resourcegroup/providers/Microsoft.Insights/scheduledqueryrules/test-rule -ApiVersion "2018-04-16"
AzCLI:
You can also use the below approach using Azure CLI as given.
az rest --method get --url /subscriptions/subscriptionID/resourceGroups/resourcegroup/providers/Microsoft.OperationalInsights/workspaces/workspace/alertsversion?api-version=2017-04-26-preview
