Add alert id to id field

sreedharande / Microsoft-Sentinel-As-A-Code

Export Microsoft Sentinel artifacts like Analytical Rules, Hunting Queries, Workbooks in order to support new feature Repositories CI/CD Pipeline

MIT License

55 stars 19 forks source link

Add alert id to id field #4

Closed jonod8698 closed 2 years ago

jonod8698 commented 2 years ago

"id" field is missing rule id.

For example:

Expected Output: "[concat(resourceId('Microsoft.OperationalInsights/workspaces/providers', parameters('workspace'), 'Microsoft.SecurityInsights'),'/alertRules/1aed72d9-70c8-43b5-94e6-eeedc2974478')]"

Actual output: "[concat(resourceId('Microsoft.OperationalInsights/workspaces/providers', parameters('workspace'), 'Microsoft.SecurityInsights'),'/alertRules/)]"

Small tweak. Imports into sentinel without issues now.

sreedharande commented 2 years ago

@jonod8698 - Thanks for fix