This post will explain the improvements that Microsoft has made by making the next-generation alert system of Azure generally available.
An important part of any large or complex IT system is being able to ignore it until something goes wrong or, ideally, is about to go wrong. The key to this is being able to configure alerts if something breaks, an unexpected thing happens, or if a threshold is exceeded. Azure has had a system for creating alerts but it has a fragmented history. You could configure alerts in all kinds of places, such as a virtual machine, in a web app, in Log Analytics (OMS), in Azure Backup (recovery services vault), or in Activity Log. Slowly, all of this is being centralized into Azure Monitor. The real system for monitoring performance and managing all alerts in Azure.
The configuration of alerts was quite fragmented too. Recovery services vaults only handled notifications by email. Log Analytics had its own complete system. Activity Log used a combination of Action Groups and alerts, which offered a lot of functionality. Azure monitor resource alerts were more powerful than those in the recovery services vault but still didn’t offer alerts by SMS text message.
Next Generation Alerts
After a fairly long public preview, Azure has made the next generation alert system generally available. With this new system, we see a unification of the methods used by Activity Log and Azure Monitor resources.
An Action Group allows you to define how a notification is configured. You can select a method of notifying people, and how those people are notified:
- SMS: You can configure text-based alerts to numbers in 15 countries
- Email: Send an email to a system, person, or (preferably) a distribution list
- Mobile App: Notifications can be pushed out via mobile apps hosted on Azure App Services
- Voice: An alert can be sent out via a voice-based phone, currently limited to numbers in the USA
You can also configure automated notifications:
- LogicApp: An Azure App Service that orchestrates a number of API-connected systems – the big brother of Office 365 Flow
- Webhook: Execute a task on a third-party system
- ITSM: Integrate with System Center Service Manager, ServiceNow, Provance, or Cherwell
- Automation Runbook: Execute a PowerShell-based or Python-based script that is hosted in Azure Automation to perform a task either on-premises or in Azure
You can configure one or more Action Groups and reuse them with different alerts, depending on the scenario. For example, most alerts might notify administrators of an issue. Some results, such as a successful backup by Azure Backup, might result in an email to a mailbox for proof-of-backup only and others might require some sort of automated response.
You can create alerts in Azure Monitor. The process consists of the following steps:
- Select A Target: What is the scope of monitoring that can create the alert. This can be a subscription, a resource group, or a resource.
- Add Criteria: Define a condition to create an alert, such as something happening in Activity Log or a performance threshold of a resource.
- Define Alert Rules: Give the alert a name, a description, and set a severity to suit your business processes.
- Define Action Group: Create or select an existing action group.
This new system allows you to create alerts for entire groups of virtual machines or resources that we could not do before and create complex human or automated responses.
Merging of Functionality
Microsoft also recently announced that Log Analytics will be leveraging the new alert system found in the Azure Portal, giving evidence to the maturing alerting system of Microsoft’s cloud.