Hello,
We are currently creating alerts when a group is modified to detect membership alteration on critical AD groups. We have more than 500 groups under monitoring and the process to monitor groups is manual in ARM, bringing difficulties when alerts have to be edited (email sent to the owner of each group for example) and wasting ARM operator time. Would it be possible to create a REST API to deal with the alerts?
The API would look like:
GET /api/v1/alert -> get all alerts
PUT /api/v1/alert/{alertName} -> add or modify an alert
GET /api/v1/alert/{alertName} -> get alert filtered by name
GET /api/v1/alert/?groupName=Domain Admin -> get alerts filtered by groupName
GET /api/v1/alert/?type=group -> get alerts filtered by alert type (AD group or directory trigger)
GET /api/v1/alert/?mail=alert-me@contoso.com -> get all alerts filtered by alert email address
DELETE /api/v1/alert/{alertName} -> delete an alert based on its name
An alert object would be something like:
{
  "id": 1234556,
  "name": "domain-admin-alert",
  "type": "group|directory",
  "monitored_item": "Domain Admins",
  "mail": ["alert-me@contoso.com"],
  "windows-event": "true",
  "syslog": {"server": "10.10.10.10", "port": "514"}
}
This would help to automate the alerting process and have the monitoring groups "configuration as code" enabled.
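
The "configuration as code" workflow requested above, as an added example that is not part of the original post and not ARM code: it compares a desired alert list with what GET /api/v1/alert would return and plans the PUT and DELETE calls. The endpoints are the ones proposed in the post and do not exist yet; the function names, the max_deletes limit and the sample alerts are assumptions made for illustration.

```python
from urllib.parse import quote

BASE = "/api/v1/alert"  # path from the proposal; the API itself does not exist yet

def _state(alert):
    # The server-assigned "id" is not part of the desired state.
    return {k: v for k, v in alert.items() if k != "id"}

def plan_changes(desired, current, max_deletes=5):
    """Return [(method, path, body), ...] that makes `current` match `desired`.

    max_deletes is a hypothetical safety limit: an empty or truncated desired
    file must not silently remove monitoring from critical groups.
    """
    want = {a["name"]: _state(a) for a in desired}
    have = {a["name"]: _state(a) for a in current}
    if len(want) != len(desired):
        raise ValueError("duplicate alert name in desired state")
    plan = []
    for name, alert in sorted(want.items()):
        if have.get(name) != alert:  # missing on the server, or drifted
            plan.append(("PUT", f"{BASE}/{quote(name, safe='')}", alert))
    deletes = sorted(set(have) - set(want))
    if len(deletes) > max_deletes:
        raise RuntimeError(f"refusing to delete {len(deletes)} alerts (limit {max_deletes})")
    plan += [("DELETE", f"{BASE}/{quote(n, safe='')}", None) for n in deletes]
    return plan

def _alert(name, item, mail, alert_id=None):
    # Builds a constructed sample alert in the shape shown in the post.
    a = {"name": name, "type": "group", "monitored_item": item, "mail": mail,
         "windows-event": "true", "syslog": {"server": "10.10.10.10", "port": "514"}}
    return a if alert_id is None else {"id": alert_id, **a}

# Constructed sample data, not real ARM output.
CURRENT = [_alert("domain-admin-alert", "Domain Admins", ["alert-me@contoso.com"], 1234556),
           _alert("old alert", "Legacy Ops", ["alert-me@contoso.com"], 1234557)]
DESIRED = [_alert("domain-admin-alert", "Domain Admins",
                  ["alert-me@contoso.com", "owner@contoso.com"]),
           _alert("enterprise-admin-alert", "Enterprise Admins", ["alert-me@contoso.com"])]

if __name__ == "__main__":
    for method, path, body in plan_changes(DESIRED, CURRENT):
        print(method, path, body or "")
```

The plan is computed offline, so it can be reviewed in a pull request before anything is sent to the server.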