AzInitiativeAdvertizer

last sync: 2025-Apr-29 17:15:47 UTC

Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) for Connectivity

Azure Monitor Baseline Alerts (AMBA) Policy Initiative (PolicySet)

Source Repository Azure Monitor Baseline Alerts (AMBA) GitHub
Display nameDeploy Azure Monitor Baseline Alerts (AMBA-ALZ) for Connectivity
IdAlerting-Connectivity
Version1.4.3
Details on versioning
CategoryMonitoring
DescriptionThis initiative deploys Azure Monitor Baseline Alerts (AMBA-ALZ) to monitor Network components such as Azure Firewalls, ExpressRoute, VPN, and Private DNS Zones.
Cloud environments AzureCloud
TypeCustom Azure Monitor Baseline Alerts (AMBA)
DeprecatedFalse
PreviewFalse
Policy-used summary
Policy types Policy states Policy categories
Total Policies: 52
Builtin Policies: 0
Static Policies: 0
AMBA Policies: 52
GA: 52
2 categories:
Network: 41
Networking: 11
Policy-used
Policy DisplayName Policy Id Category Effect Roles# Roles State Type policy in AzUSGov
[Preview]: Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Activity Log Route Table Delete Alert Deploy_activitylog_RouteTable_Delete Network Default
deployIfNotExists
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
[Preview]: Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Activity Log Routes Delete Alert Deploy_activitylog_RouteTable_Routes_Delete Network Default
deployIfNotExists
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Activity Log Azure FireWall Delete Alert Deploy_activitylog_Firewall_Delete Network Default
deployIfNotExists
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Activity Log NSG Delete Alert Deploy_activitylog_NSG_Delete Network Default
deployIfNotExists
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Activity Log Route Table Update Alert Deploy_activitylog_RouteTable_Update Network Default
deployIfNotExists
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Activity Log VPN Gateway Delete Alert Deploy_activitylog_VPNGateway_Delete Network Default
deployIfNotExists
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - AFW FirewallHealth Alert Deploy_AFW_FirewallHealth_Alert Network Default
deployIfNotExists
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - AFW SNATPortUtilization Alert Deploy_AFW_SNATPortUtilization_Alert Network Default
deployIfNotExists
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ALB Data Path Availability Alert Deploy_ALB_DataPathAvailability_Alert Networking Default
deployIfNotExists
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ALB Global Backend Availability Alert Deploy_ALB_GlobalBackendAvailability_Alert Networking Default
deployIfNotExists
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ALB Health Probe Status Alert Deploy_ALB_HealthProbeStatus_Alert Networking Default
deployIfNotExists
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ALB Used SNAT Ports Alert Deploy_ALB_UsedSNATPorts_Alert Networking Default
deployIfNotExists
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ER Direct ExpressRoute Bits In Alert Deploy_ERP_ExpressRouteBitsIn_Alert Networking Default
disabled
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ER Direct ExpressRoute Bits Out Alert Deploy_ERP_ExpressRouteBitsOut_Alert Networking Default
disabled
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ER Direct ExpressRoute LineProtocol Alert Deploy_ERP_ExpressRoutLineProtocol_Alert Networking Default
disabled
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ER Direct ExpressRoute RxLightLevel High Alert Deploy_ERP_ExpressRoutRxLightLevel_Alert Networking Default
disabled
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ER Direct ExpressRoute RxLightLevel Low Alert Deploy_ERP_ExpressRoutRxLightLevellow_Alert Networking Default
disabled
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ER Direct ExpressRoute TxLightLevel High Alert Deploy_ERP_ExpressRoutTxLightLevell_Alert Networking Default
disabled
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ER Direct ExpressRoute TxLightLevel Low Alert Deploy_ERP_ExpressRoutTxLightLevellow_Alert Networking Default
disabled
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ERG ExpressRoute Bits In Alert Deploy_ERGw_ExpressRouteBitsIn_Alert Network Default
disabled
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ERG ExpressRoute Bits Out Alert Deploy_ERGw_ExpressRouteBitsOut_Alert Network Default
disabled
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ERG ExpressRoute CPU Utilization Alert Deploy_ERGw_ExpressRouteCpuUtil_Alert Network Default
deployIfNotExists
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ExpressRoute Circuits Arp Availability Alert Deploy_ERCIR_ArpAvailability_Alert Network Default
deployIfNotExists
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ExpressRoute Circuits Bgp Availability Alert Deploy_ERCIR_BgpAvailability_Alert Network Default
deployIfNotExists
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ExpressRoute Circuits QosDropBitsInPerSecond Alert Deploy_ERCIR_QosDropBitsInPerSecond_Alert Network Default
deployIfNotExists
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ExpressRoute Circuits QosDropBitsOutPerSecond Alert Deploy_ERCIR_QosDropBitsOutPerSecond_Alert Network Default
deployIfNotExists
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - PDNSZ Capacity Utilization Alert Deploy_PDNSZ_CapacityUtil_Alert Network Default
deployIfNotExists
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - PDNSZ Query Volume Alert Deploy_PDNSZ_QueryVolume_Alert Network Default
disabled
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - PDNSZ Record Set Capacity Alert Deploy_PDNSZ_RecordSetCapacity_Alert Network Default
deployIfNotExists
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - PDNSZ Registration Capacity Utilization Alert Deploy_DNSZ_RegistrationCapacityUtil_Alert Network Default
deployIfNotExists
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - PIP Bytes in DDoS Attack Alert Deploy_PublicIp_BytesInDDoSAttack_Alert Network Default
disabled
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - PIP DDoS Attack Alert Deploy_PublicIp_DDoSAttack_Alert Network Default
deployIfNotExists
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - PIP Packets in DDoS Attack Alert Deploy_PublicIp_PacketsInDDoSAttack_Alert Network Default
disabled
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - PIP VIP Availability Alert Deploy_PublicIp_VIPAvailability_Alert Network Default
deployIfNotExists
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VNet DDoS Attack Alert Deploy_VNET_DDoSAttack_Alert Network Default
deployIfNotExists
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VNetG Egress Packet Drop Count Alert Deploy_VnetGw_TunnelEgressPacketDropCount_Alert Network Default
deployIfNotExists
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VNetG Egress Packet Drop Mismatch Alert Deploy_VnetGw_TunnelEgressPacketDropMismatch_Alert Network Default
deployIfNotExists
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VNetG ExpressRoute Bits Per Second Alert Deploy_VnetGw_ExpressRouteBitsPerSecond_Alert Network Default
deployIfNotExists
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VNetG ExpressRoute CPU Utilization Alert Deploy_VnetGw_ExpressRouteCpuUtil_Alert Network Default
deployIfNotExists
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VNetG Ingress Packet Drop Count Alert Deploy_VnetGw_TunnelIngressPacketDropCount_Alert Network Default
deployIfNotExists
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VNetG Ingress Packet Drop Mismatch Alert Deploy_VnetGw_TunnelIngressPacketDropMismatch_Alert Network Default
deployIfNotExists
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VNetG Tunnel Bandwidth Alert Deploy_VnetGw_TunnelBandwidth_Alert Network Default
deployIfNotExists
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VNetG Tunnel Egress Alert Deploy_VnetGw_TunnelEgress_Alert Network Default
disabled
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VNetG Tunnel Ingress Alert Deploy_VnetGw_TunnelIngress_Alert Network Default
disabled
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VPNG BGP Peer Status Alert Deploy_VPNGw_BGPPeerStatus_Alert Network Default
deployIfNotExists
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VPNG Bandwidth Utilization Alert Deploy_VPNGw_BandwidthUtil_Alert Network Default
deployIfNotExists
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VPNG Egress Alert Deploy_VPNGw_Egress_Alert Network Default
disabled
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VPNG Egress Packet Drop Count Alert Deploy_VPNGw_TunnelEgressPacketDropCount_Alert Network Default
deployIfNotExists
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VPNG Egress Packet Drop Mismatch Alert Deploy_VPNGw_TunnelEgressPacketDropMismatch_Alert Network Default
deployIfNotExists
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VPNG Ingress Alert Deploy_VPNGw_Ingress_Alert Network Default
disabled
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VPNG Ingress Packet Drop Count Alert Deploy_VPNGw_TunnelIngressPacketDropCount_Alert Network Default
deployIfNotExists
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VPNG Ingress Packet Drop Mismatch Alert Deploy_VPNGw_TunnelIngressPacketDropMismatch_Alert Network Default
deployIfNotExists
Allowed
deployIfNotExists, disabled		 1 Contributor GA AMBA
Roles used
Total Roles usage: 52
Total Roles unique usage: 1
Role Role Id #Policies Policies
Contributor b24988ac-6180-42a0-ab88-20f7382dd24c 52 [Preview]: Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Activity Log Route Table Delete Alert, [Preview]: Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Activity Log Routes Delete Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Activity Log Azure FireWall Delete Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Activity Log NSG Delete Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Activity Log Route Table Update Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - Activity Log VPN Gateway Delete Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - AFW FirewallHealth Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - AFW SNATPortUtilization Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ALB Data Path Availability Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ALB Global Backend Availability Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ALB Health Probe Status Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ALB Used SNAT Ports Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ER Direct ExpressRoute Bits In Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ER Direct ExpressRoute Bits Out Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ER Direct ExpressRoute LineProtocol Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ER Direct ExpressRoute RxLightLevel High Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ER Direct ExpressRoute RxLightLevel Low Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ER Direct ExpressRoute TxLightLevel High Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ER Direct ExpressRoute TxLightLevel Low Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ERG ExpressRoute Bits In Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ERG ExpressRoute Bits Out Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ERG ExpressRoute CPU Utilization Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ExpressRoute Circuits Arp Availability Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ExpressRoute Circuits Bgp Availability Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ExpressRoute Circuits QosDropBitsInPerSecond Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - ExpressRoute Circuits QosDropBitsOutPerSecond Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - PDNSZ Capacity Utilization Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - PDNSZ Query Volume Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - PDNSZ Record Set Capacity Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - PDNSZ Registration Capacity Utilization Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - PIP Bytes in DDoS Attack Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - PIP DDoS Attack Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - PIP Packets in DDoS Attack Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - PIP VIP Availability Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VNet DDoS Attack Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VNetG Egress Packet Drop Count Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VNetG Egress Packet Drop Mismatch Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VNetG ExpressRoute Bits Per Second Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VNetG ExpressRoute CPU Utilization Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VNetG Ingress Packet Drop Count Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VNetG Ingress Packet Drop Mismatch Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VNetG Tunnel Bandwidth Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VNetG Tunnel Egress Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VNetG Tunnel Ingress Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VPNG BGP Peer Status Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VPNG Bandwidth Utilization Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VPNG Egress Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VPNG Egress Packet Drop Count Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VPNG Egress Packet Drop Mismatch Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VPNG Ingress Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VPNG Ingress Packet Drop Count Alert, Deploy Azure Monitor Baseline Alerts (AMBA-ALZ) - VPNG Ingress Packet Drop Mismatch Alert
JSON
EPAC