Share via

Error 'The request had some invalid properties' while setting up alert rule in Azure

Bharath Reddy V 0 Reputation points
2024-11-13T01:17:15.5366667+00:00

I am trying to setup alert rule to get count from a table- Log Analytics workspace. KQL query works well in logs query section, but gives error 'The request had some invalid properties' while setting up alert. 

Syslog_CL
| where TimeGenerated >= ago(2m)
| summarize Count = count()
Azure Monitor
Azure Monitor
An Azure service that is used to collect, analyze, and act on telemetry data from Azure and on-premises environments.

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Pranay Reddy Madireddy 6,340 Reputation points Moderator
    2024-11-13T13:52:53.33+00:00

    Hi Bharath Reddy V

    Welcome to the Microsoft Q&A Platform! Thank you for asking your question here.

    Check if TimeGenerated is a valid column in Syslog_CL. If it has a different name, you'll need to update your query accordingly.

    Sometimes, alerts require more context than just a count. Modify your query to include additional fields or context if necessary:

    Syslog_CL

    | where TimeGenerated >= ago(2m)

    | summarize Count = count() by bin(TimeGenerated, 1m)

    This modification bins the counts by minute, which can provide more structured data for alerts.

    Make sure you’ve selected the correct workspace and have the necessary permissions to set up alerts. Also, verify that all required fields in the alert configuration are completed correctly.

    If the issue continues, make sure your account has the right permissions to create alerts in the Log Analytics workspace, such as the Log Analytics Contributor role.
    If you have any further queries, do let us know.

    If the answer is helpful, please click "Accept Answer" and "Upvote it".

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.