Edit

Share via

Use AIOps to investigate incidents Azure Monitor Investigator

  • Article

This article describes how to use Azure Monitor Investigator to trigger an investigation to identify resource issues, or to explain why an alert was fired, and provide next steps to resolve the issue.

Investigate an alert

  1. From the home page in the Azure portal, select Monitor > Alerts.

  2. From the Alerts page, select the alert that you want to investigate.

  3. In the alert details pane, select Investigate on the top right.

    Screenshot of the investigate button from the alert details page.

  4. Alternatively, you can select Investigate from the email notification about an alert.

  5. The investigation starts to run.

    Screenshot of the investigator in the middle of running.

  6. When the investigation is complete, a summary of the incident is displayed with recommendations for how to mitigate the issue.

    Screenshot of the investigator response with recommendations.

Ask Copilot to trigger an investigation

  1. From the home page in the Azure portal, select Copilot.

  2. In Copilot, ask about resource issues to get more insight into the issue. Here are some examples of questions you can ask:

    • "Is there any anomaly in my edge resource?"
    • "Run anomaly detection for the last two days."
    • "Any anomaly on my AKS resource?"
    • "Had an alert in my HCI at 8 am this morning, run an anomaly investigation for me"
    • "Run anomaly detection at 2023-10-27T20:48:53Z."
    • "Run anomaly detection at 10/27/2023, 8:48:53 PM"

  3. Copilot runs an investigation and respond with the results.

Next steps

Learn about Responsible AI for Azure Monitor Investigator.