什麼是 Microsoft Azure 中的傳統警示?What are classic alerts in Microsoft Azure?


本文說明如何建立舊版傳統計量警示。This article describes how to create older classic metric alerts. 「Azure 監視器」現已支援新版的近乎即時計量警示和新的警示體驗Azure Monitor now supports newer near-real time metric alerts and a new alerts experience. 傳統警示已計畫淘汰Classic alerts are scheduled to be retired.

警示可讓您對資料設定條件,並在最近的監視資料符合條件時收到通知。Alerts allow you to configure conditions over data and become notified when the conditions match the latest monitoring data.

舊的和新的警示功能Old and New alerting capabilities

在舊的 Azure 監視器中,Application Insights、Log Analytics 和服務健康狀態具有個別的警示功能。In the past Azure Monitor, Application Insights, Log Analytics, and Service Health had separate alerting capabilities. 隨著時間進展,Azure 改善並結合使用者介面與不同的警示方法。Overtime, Azure improved and combined both the user interface and different methods of alerting. 這樣的整併仍在持續進行中。The consolidation is still in process.

您只能在 Azure 入口網站的傳統警示使用者畫面中檢視傳統警示。You can view classic alerts only in the classic alerts user screen in the Azure Portal. 您可以從警示畫面上的 [檢視傳統警示] 按鈕取得此畫面。You get this screen from the View classic alerts button on the alerts screen.

Azure 入口網站中的警示選擇

新的警示使用者體驗比傳統警示體驗多了下列優點:The new alerts user experience has the following benefits over the classic alerts experience:

  • 更好的通知系統- 所有新版警示都使用動作群組,這些是可在多個警示中重複使用的具名通知及動作群組。Better notification system - All newer alerts use action groups, which are named groups of notifications and actions that can be reused in multiple alerts. 傳統計量警示及舊版 Log Analytics 警示並不使用動作群組。Classic metric alerts and older Log Analytics alerts do not use action groups.
  • 統一的撰寫體驗 - Azure 監視器、Log Analytics 及 Application Insights 之計量、記錄和活動記錄的所有警示建立作業都在一個地方完成。A unified authoring experience - All alert creation for metrics, logs and activity log across Azure Monitor, Log Analytics, and Application Insights is in one place.
  • 在 Azure 入口網站中檢視引發的 Log Analytics 警示 - 您現在也能在訂用帳戶中查看引發的 Log Analytics 警示。View fired Log Analytics alerts in Azure portal - You can now also see fired Log Analytics alerts in your subscription. 先前這些警示是在個別的入口網站中。Previously these were in a separate portal.
  • 分隔引發的警示和警示規則 - 區分警示規則 (定義觸發警示的條件) 和引發的警示 (警示規則引發的執行個體),因此將操作與設定檢視分開。Separation of fired alerts and alert rules - Alert rules (the definition of condition that triggers an alert), and Fired Alerts (an instance of the alert rule firing) are differentiated, so the operational and configuration views are separated.
  • 更好的工作流程 - 新的警示編寫體驗會引導使用者進行設定警示規則的程序,而能更容易找到要取得警示的正確項目。Better workflow - The new alerts authoring experience guides the user along the process of configuring an alert rule, which makes it simpler to discover the right things to get alerted on.
  • 智慧型警示彙總設定警示狀態 - 新版警示包含自動群組功能,可將類似的警示顯示在一起,以減少使用者介面中的多載。Smart Alerts consolidation and setting alert state - Newer alerts include auto grouping functionality showing similar alerts together to reduce overload in the user interface.

新版計量警示比傳統計量警示多了下列優點:The newer metric alerts have the following benefits over the classic metric alerts:

  • 改善延遲:新版計量警示的執行頻率可以達到每分鐘一次。Improved latency: Newer metric alerts can run as frequently as every one minute. 舊版計量警示的執行頻率一律是每 5 分鐘一次。Older metric alerts always run at a frequency of 5 minutes. 新版警示從發生問題到通知或動作的延遲較短 (3 至 5 分鐘)。Newer alerts have increasing smaller delay from issue occurrence to notification or action (3 to 5 minutes). 舊版警示則是 5 至 15 分鐘,視類型而定。Older alerts are 5 to 15 minutes depending on the type. 記錄警示通常會有 10 到 15 分鐘的延遲,這是因為內嵌記錄需要時間,但新版的處理方法可縮短該時間。Log alerts typically have 10 to 15-minute delay due to the time it takes to ingest the logs, but newer processing methods are reducing that time.
  • 支援多維度計量:您可以針對維度計量發出警示,以便監視計量中某個您感興趣的區段。Support for multi-dimensional metrics: You can alert on dimensional metrics allowing you to monitor an interesting segment of the metric.
  • 對計量條件有更多的控制:您可以定義更豐富的警示規則。More control over metric conditions: You can define richer alert rules. 新版警示支援監視計量的最大值、最小值、平均及總計值。The newer alerts support monitoring the maximum, minimum, average, and total values of metrics.
  • 可合併監視多個計量:您可以使用單一規則來監視多個計量 (目前最多兩個計量)。Combined monitoring of multiple metrics: You can monitor multiple metrics (currently, up to two metrics) with a single rule. 若兩個計量在指定的期間內都超出其個別閾值,就會觸發警示。An alert is triggered if both metrics breach their respective thresholds for the specified time-period.
  • 更好的通知系統:所有新版警示都使用動作群組,這些是可在多個警示中重複使用的具名通知及動作群組。Better notification system: All newer alerts use action groups, which are named groups of notifications and actions that can be reused in multiple alerts. 傳統計量警示及舊版 Log Analytics 警示並不使用動作群組。Classic metric alerts and older Log Analytics alerts do not use action groups.
  • 來自記錄的計量 (公開預覽):現在可將進入 Log Analytics 的記錄資料擷取並轉換成「Azure 監視器」計量,然後針對這些計量發出警示,就像任何其他計量一樣。Metrics from Logs (public preview): Log data going into Log Analytics can now be extracted and converted into Azure Monitor metrics and then alerted on just like other metrics. 如需傳統警示專用的術語,請參閱警示 (傳統)See Alerts (classic) for the terminology specific to classic alerts.

Azure 監視器資料的傳統警示Classic alerts on Azure Monitor data

可用的傳統警示類型有兩種:計量警示和活動記錄警示。There are two types of classic alerts available - metric alerts and activity log alerts.

  • 傳統計量警示:當指定的計量值超出您指派的閾值時,就會觸發此警示。Classic metric alerts - This alert triggers when the value of a specified metric crosses a threshold that you assign. 超過閾值且符合警示條件時,警示會產生通知。The alert generates a notification when that threshold is crossed and the alert condition is met. 此時,警示會被視為「已啟動」。At that point, the alert is considered "Activated". 當警示「已解決」(也就是再次超出閾值但不再符合條件) 時,會產生另一個通知。It generates another notification when it is "Resolved" - that is, when the threshold is crossed again and the condition is no longer met.

  • 傳統活動記錄警示 - 因符合篩選準則,而由活動記錄項目觸發的串流記錄警示。Classic activity log alerts - A streaming log alert that triggers on an Activity Log event entry that matches your filter criteria. 這些警示只有一個狀態:「已啟動」。These alerts have only one state, "Activated". 警示引擎會將篩選準則直接套用至任何新事件。The alert engine simply applies the filter criteria to any new event. 並不會搜尋以找出較舊的項目。It does not search to find older entries. 當新的服務健康狀態事件發生時,或當使用者或應用程式在您的訂用帳戶中執行諸如「刪除虛擬機器」作業時,這些警示可以通知您。These alerts can notify you when a new Service Health incident occurs or when a user or application performs an operation in your subscription, for example, "Delete virtual machine."

針對透過 Azure 監視器提供的診斷記錄資料,請將資料路由傳送至 Log Analytics (先前稱為 OMS) 並使用 Log Analytics 查詢警示。For Diagnostic Log data available through Azure Monitor, route the data into Log Analytics (formerly OMS) and use a Log Analytics query alert. Log Analytics 現在使用新的警示方法Log Analytics now uses the new alerting method

下圖摘要說明 Azure 監視器中的資料來源,以及就概念而言如何發出該資料的警示。The following diagram summarizes sources of data in Azure Monitor and, conceptually, how you can alert off of that data.


警示 (傳統) 的分類法Taxonomy of alerts (classic)

Azure 使用下列詞彙來描述傳統警示及其功能:Azure uses the following terms to describe classic alerts and their functions:

  • 警示 - 符合時會啟動之準則 (一或多個規則或條件) 的定義。Alert - a definition of criteria (one or more rules or conditions) that becomes activated when met.
  • 作用中 - 符合傳統警示所定義準則時的狀態。Active - the state when the criteria defined by a classic alert is met.
  • 已解決 - 先前符合傳統警示所定義的準則,但之後已不再符合時的狀態。Resolved - the state when the criteria defined by a classic alert is no longer met after previously having been met.
  • 通知 - 根據變成作用中之傳統警示而採取的動作。Notification - the action taken based off of a classic alert becoming active.
  • 動作 - 傳送給通知接收者的特定呼叫 (例如以電子郵件傳送位址或張貼到 Webhook URL)。Action - a specific call sent to a receiver of a notification (for example, emailing an address or posting to a webhook URL). 通知通常可觸發多個動作。Notifications can usually trigger multiple actions.

如何收到 Azure 監視器傳統警示傳來的通知?How do I receive a notification from an Azure Monitor classic alert?

在過去,Azure 的警示來自不同的服務,各自使用其專屬的內建通知方法。Historically, Azure alerts from different services used their own built-in notification methods.

Azure 監視器會建立可重複使用的通知群組,稱為動作群組Azure Monitor created a reusable notification grouping called action groups. 動作群組可指定一組通知接受者。Action groups specify a set of receivers for a notification. 每次參考動作群組的警示啟動時,所有接收者都會接收到該通知。Any time an alert is activated that references the Action Group, all receivers receive that notification. 動作群組可讓您在許多警示物件之間重複使用一組接收者 (例如您隨時待命的工程師清單)。Action groups allow you to reuse a grouping of receivers (for example, your on-call engineer list) across many alert objects. 除了電子郵件地址、簡訊號碼和一些其他動作,動作群組的通知支援還包括張貼到 Webhook URL。Action groups support notification by posting to a webhook URL in addition to email addresses, SMS numbers, and a number of other actions. 如需詳細資訊,請參閱動作群組For more information, see action groups.

舊版傳統活動記錄警示會使用動作群組。Older classic Activity Log alerts use action groups.

不過,舊版計量警示不會使用動作群組。However, the older metric alerts do not use action groups. 您可以改為設定下列動作:Instead, you can configure the following actions:

  • 將電子郵件通知傳送至服務管理員、共同管理員或您指定的其他電子郵件。Send email notifications to the service administrator, to coadministrators, or to additional email addresses that you specify.
  • 呼叫 webhook,可讓您啟動其他自動化動作。Call a webhook, which enables you to launch additional automation actions.

Webhook 可啟用自動化和修復,例如使用:Webhooks enables automation and remediation, for example, using:

  • Azure 自動化 RunbookAzure Automation Runbook
  • Azure FunctionAzure Function
  • Azure 邏輯應用程式Azure Logic App
  • 第三方服務a third-party service

後續步驟Next steps

使用下列項目取得有關警示規則和設定這些規則的資訊:Get information about alert rules and configuring them by using: