1. 技术文章
  2. Azure Monitor Alerts using webhook to Microsoft Teams - No messages to Teams

Azure Monitor Alerts using webhook to Microsoft Teams - No messages to Teams

柔情痞子 提交于 2020-04-16 03:42:25

问题


I'm using Azure Monitor/Log Analytics to trigger alerts successfully. I'm trying to get the alerts into a Microsoft Teams channel (as well as a slack channel for debugging) with no success.

I've an alert that's successfully being triggered. I have an action group with my email, sms and azure app push configured. I've been receiving these messages each time the alert triggers.

I've got another action group with a couple of webhooks in for a Microsoft Teams and Slack channels. I'm not receiving anything on these channels.

I've enabled the custom 'Include custom Json payload for webhook' and pasted both the suggested json and the following { "AlertName":"#alertrulename", "AlertDescription":"#description", "LinkToSearchResults":"#linktosearchresults"}

I get the emails/sms/push notifications but not the messages to the web hooks. I've tried leaving the common alert schema set to no in the action group, the default (as well trying unsuccessfully on yes as well).

Suspecting it's something to do with the custom payload json as mention here https://azure.microsoft.com/en-gb/blog/webhooks-for-azure-alerts/

Any ideas on how I can get my alerts into teams?

Thanks


回答1:


Managed to crack it and get it working everyone!

Using Azure Automation, a runbook/webhook.

Added the following as a runbook (update your uri):

param
(
    [Parameter (Mandatory=$false)]
    [object] $WebhookData
)
if ($WebhookData)
{
    # Get the data object from WebhookData.
    $WebhookBody = (ConvertFrom-Json -InputObject $WebhookData.RequestBody)
    $alertName = $WebhookBody.alertname
    $alertDescription = $WebhookBody.alertDescription
    $linkToSearch = $WebhookBody.linktosearchresults
    $query = $WebhookBody.searchquery
    $results = $WebhookBody.resultcount
    $AlertThreshold = $WebhookBody.AlertThreshold
    $AlertThresholdValue = $WebhookBody.AlertThresholdValue
    $StartTime = $WebhookBody.SearchStartTime
    $EndTime = $WebhookBody.SearchEndTime
    $formatLink = "[Link]($linkToSearch)"
    $formatMessage = "$alertName has exceeded the threshold $AlertThreshold $AlertThresholdValue. Results returned: $results"

    $uri = 'https://teams-connector-uri'

    $body = ConvertTo-Json -Depth 4 @{
    summary = $alertName
    sections = @(
        @{
            activityTitle = $alertName
            activitySubtitle = $alertDescription
            activityText =  $formatMessage           
        },
        @{
            title = 'Details'
            facts = @(
                @{
                name = 'Query time range. (UTC)'
                value = "$StartTime $EndTime"
                },
                @{
                name = 'Link to search results'
                value = $formatLink
                },
                @{
                name = 'Query Executed'
                value = $query
                }
            )
        }
    )
} 
    Invoke-RestMethod -uri $uri -Method Post -body $body -ContentType 'application/json'
}

Then generate a webhook for the runbook and add this into the Azure Alert.

In the azure alert i've set the custom payload to this:

{ "AlertName":"#alertrulename", "AlertDescription":"#description", "LinkToSearchResults":"#linktosearchresults"}

Bingo, triggered alert and alert came through




回答2:


I haven't worked with Azure alert, so I'm not sure exactly what options you have available, but it looks like, from the fact that your payload is structured, that you'd like to format it into some consistent mechanism.

A common way to to this using Connectors is the use something like an "actionable message card". In essence, you're sending like a mini formatted popup window into the Team channel. To see some examples, go here and click "Select a sample" on the top left menu.

To do this, the Card doesn't need to be very complex, but you do need to give a tiny bit of thought to what you want it to look like, and possibly what actions you want to offer. For example, you probably want the name and description in a tabular format of some sort, and the LinkToSearchResults to be a button on the bottom that loads a browser window. The Actionable Messages Designer can also be useful to help you put it together. When you have the final design, you'll end up with a JSON text payload, and you just need to compose that together with the tokens from Azure.

Like I said, I haven't worked with Azure alerts, but I think this should help.




回答3:


I'm also looking into doing this and get exactly the same results as @JohnFox

Pretty tragic it can't just do it.

I've read somewhere you have to set up a Function or Logic App to be an "inbetween" from Azure to Teams (or Slack)

I tried this workaround...

http://www.nibrasmanna.com/send-azure-outage-notifications-to-microsoft-teams/

...but it is unworkable, all of the messages do get through to Teams, but the emails are too large to display.

To be honest getting webhooks running seems to be hard work

If anyone comes across a decent tutorial of getting this up and running, please post back - Thanks



来源:https://stackoverflow.com/questions/59883257/azure-monitor-alerts-using-webhook-to-microsoft-teams-no-messages-to-teams

标签
json
webhooks
microsoft-teams
azure-monitoring
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!