When a log search alert rule is configured with a target resource for which the alert process does not have access or permissions, the rule has an unauthorized target resource. Currently, log search alert rules might send alerts to unauthorized target resources.
For example, if log search alert rule query is defined with the target resource id column, the log search alert rule might not have the appropriate permissions to fire the alert to this target resource.
As of Mar 15,2024, sending a log search alert to unauthorized target resources is no longer supported. Alerts will not be sent to unauthorized target resources, and log search alert rules with an unauthorized target will be ignored.
Help and support
If you have questions, get answers from community experts in Microsoft Q&A. If you have a support plan and you need technical help, create a support request.