Set-AzAlertsSuppressionRule
Create or update an alerts suppression rule.
Syntax
RuleNameWithParameters (Default)
Set-AzAlertsSuppressionRule
-Name <String>
-AlertType <String>
-Reason <String>
-State <PSRuleState>
[-ExpirationDateUtc <DateTime>]
[-Comment <String>]
[-SuppressionAlertsScope <PSSuppressionAlertsScope>]
[-AllOf <PSIScopeElement[]>]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Set-AzAlertsSuppressionRule
-InputObject <PSAlertsSuppressionRule>
[-Name <String>]
[-AlertType <String>]
[-ExpirationDateUtc <DateTime>]
[-Reason <String>]
[-State <PSRuleState>]
[-Comment <String>]
[-SuppressionAlertsScope <PSSuppressionAlertsScope>]
[-AllOf <PSIScopeElement[]>]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
Create or update an alerts suppression rule.
Examples
Example 1
Set-AzAlertsSuppressionRule -Name "Example" -State Enabled -Comment "Example of a comment" -AlertType "AzureDNS_CurrencyMining" -Reason "Other" -AllOf @([Microsoft.Azure.Commands.Security.Models.AlertsSuppressionRules.PSScopeElementContains]::new("entities.account.name", "example")) -ExpirationDateUtc 2024-10-17T15:02:24.7511441Z
The above example creates a new suppression rule with the name "Example" to suppress alerts of type (Digital currency mining activity)[https://learn.microsoft.com/en-us/azure/defender-for-cloud/alerts-reference] that contains "example" as part of their account name.
Parameters
-AlertType
Alert type to suppress.
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
RuleNameWithParameters
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-AllOf
Scope the suppression rule using specific entities.
Parameter properties
Type: PSIScopeElement [ ]
Default value: None Supports wildcards: False DontShow: False
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
Comment.
Type: String
Default value: None Supports wildcards: False DontShow: False
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-Confirm
Prompts you for confirmation before running the cmdlet.
Parameter properties
Type: SwitchParameter
Default value: None Supports wildcards: False DontShow: False Aliases: cf
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-DefaultProfile
The credentials, account, tenant, and subscription used for communication with Azure.
Parameter properties
Type: IAzureContextContainer
Default value: None Supports wildcards: False DontShow: False Aliases: AzContext, AzureRmContext, AzureCredential
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-ExpirationDateUtc
Set an expiration data for the rule, expected to be in a UTC format.
Parameter properties
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
Input Object.
InputObject
Position: Named Mandatory: True Value from pipeline: True Value from pipeline by property name: False Value from remaining arguments: False
-Name
Alert suppression rule name, needs to be unique per subscription.
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
RuleNameWithParameters
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-Reason
The reason for creating the suppression rule.
Parameter properties
Type: String
Default value: None Supports wildcards: False DontShow: False
Parameter sets
RuleNameWithParameters
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-State
State of the rule, Enabled/Disabled
Parameter properties
Type: PSRuleState
Default value: None Accepted values: Enabled, Disabled, Expired Supports wildcards: False DontShow: False
Parameter sets
RuleNameWithParameters
Position: Named Mandatory: True Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-SuppressionAlertsScope
Scope the suppression rule using specific entities.
Parameter properties
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
-WhatIf
Shows what would happen if the cmdlet runs.
The cmdlet is not run.
Parameter properties
Type: SwitchParameter
Default value: None Supports wildcards: False DontShow: False Aliases: wi
Parameter sets
(All)
Position: Named Mandatory: False Value from pipeline: False Value from pipeline by property name: False Value from remaining arguments: False
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable,
-InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable,
-ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see
about_CommonParameters .
Outputs
