- $Request.Body.data.essentials
- .alertRule (name)
- .monitorCondition ("Fired" vs. "Resolved")
- .firedDateTime (vs. resolvedDateTime)
- .description
- .severity
- .alertTargetIDs (https://portal.azure.com/#@/resource + alertTargetIDs) (the logic app)
Last active
October 19, 2020 03:36
-
-
Save mirontoli/94f819f1f2e71812d2603e9014c987ab to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
//https://yuml.me/diagram/scruffy/class/draw | |
[Alert Rule]*-*[Action Group] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
//https://yuml.me/diagram/scruffy/class/draw | |
[Action Group]-++[Resource Group]-++[Azure Subscription] | |
[Action Group]-1..*[Action] | |
[Action]<>-[Webhook {bg:green}] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
//https://yuml.me/diagram/scruffy/class/draw | |
[Condition]-[Signal] | |
[Condition]-[Alert Logic] | |
[Alert Logic]-[Threshold] | |
[Alert Logic]-[Evaluated based on] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"data":{ | |
"alertContext":{ | |
"conditionType":"SingleResourceMultipleMetricCriteria", | |
"properties":null, | |
"condition":{ | |
"windowStartTime":"2020-10-09T18:44:06.861Z", | |
"allOf":[ | |
{ | |
"dimensions":{ | |
"value": "/SUBSCRIPTIONS/2CDFB689-1749-4931-A362-1930A6B88A7E/RESOURCEGROUPS/TOLLE-TMP/PROVIDERS/MICROSOFT.LOGIC/WORKFLOWS/TOLLE-FAILING-LOGICAPP", | |
"name": "ResourceId" | |
}, | |
"timeAggregation":"Maximum", | |
"webTestName":null, | |
"operator":"GreaterThanOrEqual", | |
"metricValue":1.0, | |
"metricName":"RunsFailed", | |
"metricNamespace":"Microsoft.Logic/workflows", | |
"threshold":"1" | |
} | |
], | |
"windowEndTime":"2020-10-09T18:49:06.861Z", | |
"windowSize":"PT5M" | |
} | |
}, | |
"essentials":{ | |
"alertRule":"Intended faiure", | |
"severity":"Sev3", | |
"alertTargetIDs":"/subscriptions/2cdfb689-1749-4931-a362-1930a6b88a7e/resourcegroups/tolle-tmp/providers/microsoft.logic/workflows/tolle-failing-logicapp", | |
"alertId":"/subscriptions/2cdfb689-1749-4931-a362-1930a6b88a7e/providers/Microsoft.AlertsManagement/alerts/a9cdd08f-98ee-4e2c-a1b1-ab0eedd0245b", | |
"description":"As expected, tolle-failing-logicapp", | |
"firedDateTime":"2020-10-09T18:02:19.8604547Z", | |
"originAlertId":"2cdfb689-1749-4931-a362-1930a6b88a7e_tolle-tmp_microsoft.insights_metricAlerts_Intended faiure_-1312865823", | |
"monitoringService":"Platform", | |
"signalType":"Metric", | |
"essentialsVersion":"1.0", | |
"monitorCondition":"Fired", | |
"alertContextVersion":"1.0" | |
} | |
}, | |
"schemaId":"azureMonitorCommonAlertSchema" | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"data":{ | |
"alertContext":{ | |
"conditionType":"SingleResourceMultipleMetricCriteria", | |
"properties":null, | |
"condition":{ | |
"windowStartTime":"2020-10-09T18:44:06.861Z", | |
"allOf":[ | |
{ | |
"dimensions":{ | |
"value": "/SUBSCRIPTIONS/2CDFB689-1749-4931-A362-1930A6B88A7E/RESOURCEGROUPS/TOLLE-TMP/PROVIDERS/MICROSOFT.LOGIC/WORKFLOWS/TOLLE-FAILING-LOGICAPP", | |
"name": "ResourceId" | |
}, | |
"timeAggregation":"Maximum", | |
"webTestName":null, | |
"operator":"GreaterThanOrEqual", | |
"metricValue":1.0, | |
"metricName":"RunsFailed", | |
"metricNamespace":"Microsoft.Logic/workflows", | |
"threshold":"1" | |
} | |
], | |
"windowEndTime":"2020-10-09T18:49:06.861Z", | |
"windowSize":"PT5M" | |
} | |
}, | |
"essentials":{ | |
"severity":"Sev3", | |
"resolvedDateTime":"2020-10-09T18:09:19.5930921Z", | |
"alertId":"/subscriptions/2cdfb689-1749-4931-a362-1930a6b88a7e/providers/Microsoft.AlertsManagement/alerts/a9cdd08f-98ee-4e2c-a1b1-ab0eedd0245b", | |
"alertTargetIDs":"/subscriptions/2cdfb689-1749-4931-a362-1930a6b88a7e/resourcegroups/tolle-tmp/providers/microsoft.logic/workflows/tolle-failing-logicapp", | |
"firedDateTime":"2020-10-09T18:02:19.8604547Z", | |
"alertRule":"Intended faiure", | |
"signalType":"Metric", | |
"monitoringService":"Platform", | |
"monitorCondition":"Resolved", | |
"essentialsVersion":"1.0", | |
"description":"As expected, tolle-failing-logicapp", | |
"originAlertId":"2cdfb689-1749-4931-a362-1930a6b88a7e_tolle-tmp_microsoft.insights_metricAlerts_Intended faiure_-1312865823", | |
"alertContextVersion":"1.0" | |
} | |
}, | |
"schemaId":"azureMonitorCommonAlertSchema" | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
//https://yuml.me/diagram/scruffy/class/draw | |
[Alert Rule]-1[Scope|(Failing Resource)] | |
[Alert Rule]-1[Condition] | |
[Alert Rule]*-*[Action Group] | |
[Alert Rule]-1[Details|Name;Description] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$body = "{'text':'hello world'}" | |
$ct = 'application/json; charset=utf-8' | |
$uri = "https://outlook.office.com/webhook/6c15f246-4ad8-47a7-ac3c-8c3e4ff96e08@21a772a0-3ad8-483b-bef2-d9c28cfe5dff/IncomingWebhook/7d88ca6b0f7d417bb87d4f8ae8816760/1522ad47-6712-4e3b-b454-d1198e0287a8" | |
Invoke-RestMethod -Method POST -ContentType $ct -Body $body -Uri $uri |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
using namespace System.Net | |
param($Request, $TriggerMetadata) | |
$data = $Request.Body.data | |
$essentials = $data.essentials | |
$alertRule = $essentials.alertRule | |
$monitorCondition = $essentials.monitorCondition | |
$body = "{'text':'Alert $monitorCondition : $alertRule'}" | |
$ct = 'application/json; charset=utf-8' | |
$uri = "https://outlook.office.com/webhook/6c15f246-4ad8-47a7-ac3c-8c3e4ff96e08@21a772a0-3ad8-483b-bef2-d9c28cfe5dff/IncomingWebhook/7d88ca6b0f7d417bb87d4f8ae8816760/1522ad47-6712-4e3b-b454-d1198e0287a8" | |
Invoke-RestMethod -Method POST -ContentType $ct -Body $body -Uri $uri | |
# Associate values to output bindings by calling 'Push-OutputBinding'. | |
Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ | |
StatusCode = [HttpStatusCode]::OK | |
Body = "OK" | |
}) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# the code is in https://dev.azure.com/skanskanordic/imc-o365-platform/_git/imc-azure-alerts | |
using namespace System.Net | |
param($Request, $TriggerMetadata) | |
$body = $Request.Body | |
$data = $body.data | |
$essentials = $data.essentials | |
$alertContext = $data.alertContext | |
$condition = $alertContext.condition | |
$dimensions = $condition.allOf.dimensions | |
$fired = (Get-Date $essentials.firedDateTime).ToString("yyyy-MM-dd HH:mm:ss UTC") | |
$alertRule = $essentials.alertRule | |
$severity = $essentials.severity | |
$description = $essentials.description | |
$metricName = $condition.allOf.metricName | |
# ONLY FIRE EVENT matters for now | |
if ($essentials.monitorCondition -eq "Fired") { | |
Write-Host "fired!" | |
$url = "https://portal.azure.com/#@/resource" + $essentials.alertTargetIds | |
$bodyAc = @" | |
{ | |
"type": "message", | |
"attachments": [ | |
{ | |
"contentType": "application/vnd.microsoft.card.adaptive", | |
"contentUrl": null, | |
"content": { | |
"`$schema": "http://adaptivecards.io/schemas/adaptive-card.json", | |
"type": "AdaptiveCard", | |
"version": "1.2", | |
"body": [ | |
{ | |
"type": "ColumnSet", | |
"style": "emphasis", | |
"bleed": true, | |
"columns": [ | |
{ | |
"type": "Column", | |
"width": "auto", | |
"items": [ | |
{ | |
"type": "Image", | |
"url": "https://cdn.iconscout.com/icon/free/png-256/alert-87-267521.png", | |
"altText": "Profile picture", | |
"size": "Small", | |
"style": "Person" | |
} | |
] | |
}, | |
{ | |
"type": "Column", | |
"width": "stretch", | |
"items": [ | |
{ | |
"type": "TextBlock", | |
"size": "medium", | |
"weight": "bolder", | |
"text": "Azure Monitor Alert " | |
}, | |
{ | |
"type": "TextBlock", | |
"spacing": "None", | |
"text": "$fired", | |
"isSubtle": true, | |
"wrap": true | |
} | |
] | |
} | |
] | |
}, | |
{ | |
"type": "TextBlock", | |
"text": "This is an example from the guide on setting up your first Azure Alert guide by @mirontoli", | |
"wrap": true | |
}, | |
{ | |
"type": "FactSet", | |
"spacing": "large", | |
"facts": [ | |
{ | |
"title": "Alert Rule", | |
"value": "$alertRule" | |
}, | |
{ | |
"title": "Severity", | |
"value": "$severity" | |
}, | |
{ | |
"title": "Description", | |
"value": "$description" | |
}, | |
{ | |
"title": "Metric name", | |
"value": "$metricName" | |
} | |
] | |
} | |
], | |
"actions": [ | |
{ | |
"type": "Action.OpenUrl", | |
"title": "Application in Azure", | |
"url": "$url" | |
} | |
] | |
} | |
} | |
] | |
} | |
"@ #the last "@ may not have white space before, don't try to prettify it | |
# tolle057 team -> General | |
$uri = "https://outlook.office.com/webhook/6c15f246-4ad8-47a7-ac3c-8c3e4ff96e08@21a772a0-3ad8-483b-bef2-d9c28cfe5dff/IncomingWebhook/7d88ca6b0f7d417bb87d4f8ae8816760/1522ad47-6712-4e3b-b454-d1198e0287a8" | |
# Send Adaptive Card to Teams Channel | |
Invoke-RestMethod -Method post -ContentType 'application/json; charset=utf-8' -Body $bodyAc -Uri $uri | |
} | |
else { | |
Write-Host "monitorCondition: " + $essentials.monitorCondition | |
} | |
# Associate values to output bindings by calling 'Push-OutputBinding'. | |
Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ | |
StatusCode = [HttpStatusCode]::OK | |
Body = "OK" | |
}) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment