Crod-8019 asked ·

Azure monitoring and alerting

What is everyone using for proper alerting and notification into a ticketing system, as well as SMS page-out for on-call purposes? I work on a team that believes checking email continuously is a one all solution, and I am trying to gauge what everyone is doing/using to better respond to issues - in a sense, to be better positioned to be proactive.

azure-virtual-machines azure-webapps azure-ad-connect

@Crod-8019 Is there an update? Please 'Accept' as answer if any of the below replies helped, so that it can help others in the community.

stan answered ·

Hi,
Best is to forward these alerts into an ITSM system and create incidents out of them. Incidents allow you to follow through the whole cycle from the beginning of the problem to its resolution. Action groups offer integration with a few ITSM systems via the ITSM connector. You can of course write your own integration if the ITSM system has an API, by calling the API directly via an automation service like a Logic App, function or automation runbook. From the ITSM system you can set up additional notifications via systems like PagerDuty. Of course, you can build your action group so that it both creates an incident in the ITSM system and at the same time uses PagerDuty for notification.

I hope that answers your question.
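
The custom-integration route described in this answer, sketched as an added example (not part of the original answer and not Microsoft's or PagerDuty's code): a function such as an Azure Function could run this on the webhook body an action group sends in the common alert schema, producing a PagerDuty Events API v2 event plus a ticket record. The paging policy in `PAGE_SEVERITIES`, the ticket field names and the sample payload are assumptions; the HTTP calls that deliver both results are left to the caller.

```python
import json

# Azure Monitor severity (Sev0 is most severe) -> PagerDuty Events API v2 severity.
SEVERITY_MAP = {"Sev0": "critical", "Sev1": "error", "Sev2": "warning",
                "Sev3": "info", "Sev4": "info"}
PAGE_SEVERITIES = {"Sev0", "Sev1"}  # assumption: only these page the on-call engineer

def route_alert(body: str, routing_key: str) -> dict:
    """Map one common-alert-schema webhook body to a page and a ticket."""
    doc = json.loads(body)
    if doc.get("schemaId") != "azureMonitorCommonAlertSchema":
        raise ValueError("action group is not sending the common alert schema")
    ess = doc["data"]["essentials"]
    resolved = ess["monitorCondition"] == "Resolved"
    target = (ess.get("alertTargetIDs") or ["unknown"])[0]
    summary = f'[{ess["severity"]}] {ess["alertRule"]} on {target.rsplit("/", 1)[-1]}'
    event = None
    if ess["severity"] in PAGE_SEVERITIES:
        event = {
            "routing_key": routing_key,
            "event_action": "resolve" if resolved else "trigger",
            # Assumption: alertId is the same in the Fired and Resolved
            # notifications, so it can pair them up downstream.
            "dedup_key": ess["alertId"],
            "payload": {"summary": summary, "source": target,
                        "severity": SEVERITY_MAP.get(ess["severity"], "warning")},
        }
    # Hypothetical ticket fields; rename them to match your ITSM system's API.
    ticket = {"correlation_id": ess["alertId"],
              "state": "resolved" if resolved else "new",
              "short_description": summary,
              "description": ess.get("description", "")}
    return {"pagerduty": event, "ticket": ticket}

# Constructed sample payload (not captured from a real subscription).
SUB = "/subscriptions/00000000-0000-0000-0000-000000000000"
SAMPLE_ALERT = json.dumps({
    "schemaId": "azureMonitorCommonAlertSchema",
    "data": {"essentials": {
        "alertId": SUB + "/providers/Microsoft.AlertsManagement/alerts/constructed-alert-1",
        "alertRule": "vm-high-cpu", "severity": "Sev1", "signalType": "Metric",
        "monitorCondition": "Fired", "firedDateTime": "2020-01-01T10:00:00Z",
        "alertTargetIDs": [SUB + "/resourcegroups/rg-demo/providers"
                           "/microsoft.compute/virtualmachines/vm-demo-01"],
        "description": "CPU above 90% for 5 minutes"},
        "alertContext": {}}})

if __name__ == "__main__":
    print(json.dumps(route_alert(SAMPLE_ALERT, "ROUTING_KEY_PLACEHOLDER"), indent=2))
```

Using the alert ID as both the PagerDuty `dedup_key` and the ticket correlation ID lets a later "Resolved" notification close the page and the ticket that the "Fired" notification opened, instead of creating new ones.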

FrankHuMSFT-3200 answered ·

@Crod-8019 I'm not sure what your request is. Are you asking for what sort of alert/notification system is being suggested for a ticketing system? These forums are meant for Azure-related issues.

Azure monitoring specifically is building out rules to set alerts/notifications. Per the docs, Azure Alerts supports voice, SMS, and email: https://docs.microsoft.com/en-us/azure/azure-monitor/platform/alerts-rate-limiting

This is what is supported, but what is a better notification system is a philosophical question, and if you have a better suggestion please submit it against the feedback forums here: https://feedback.azure.com/forums/231545-diagnostics-and-monitoring


I'm not sure why this topic is so hard to understand, but I'll give it my best. Azure - it has built-in monitoring (that's great), that monitoring can alert (that's great, but I hate looking at emails, you know, over a hundred at times). With that said, how can someone take these alerts and dump them into, say, Splunk and then forward these to, say, PagerDuty, or better yet have an actual ticket made from an alert into, say, ServiceNow? I work in an environment where a few engineers love looking at hundreds of emails (I don't); I believe that there has to be a better way to proactively and predictively get reports/tickets/SMS alerts as to what's going on in Azure.

DimitriBackaert-7957 answered ·

Hi, I previously experienced the exact same scenario as Stan describes.
Alerts, triggered by servers (high CPU usage, Disk storage capacity, etc.) were sent to the ITSM system, where actions (daily tasks) were automatically created.
The responsible system engineer was automatically alerted, and had a hard deadline to resolve these issues, and prevent outages.
KR,

cmart answered ·

My team uses Azure Monitor Alerts, so recently I started pushing AAD Connect Run Profile Results to Azure Monitor Logs (formerly Log Analytics I think). Getting alerts is one thing, investigating them is another, and I really like the ability to query over run profile results using Kusto. We've only been doing it for a few months but it's working out pretty well so far.
