If you need to get an Azure Monitor alert using Azure Resource Graph data, this can easily be accomplished using the Azure Resource Graph integration in Azure LogAnalytics.
In the example below, I’m detecting any Microsoft Copilot for Security instances, that I have running for demo-purpose.
The steps to configure this is shown below.
Step 1: Define the query in Azure Resource Graph
resources
| where ['type'] contains "microsoft.securitycopilot/capacities"Step 2: Test the query using Azure LogAnalytics
arg("").resources
| where ['type'] contains "microsoft.securitycopilot/capacities"Step 3: Configure the Azure Monitor Alert Rule
