Overview of alerts in Microsoft Azure

This article describes what alerts are, their benefits, and how to get started using them.

What are alerts in Microsoft Azure?

Alerts proactively notify you when important conditions are found in your monitoring data. They allow you to identify and address issues before the users of your system notice them.

This article discusses the unified alert experience in Azure Monitor, which now includes alerts that were managed by Log Analytics and Application Insights. The previous alert experience and alert types are called classic alerts. You can view this older experience and older alert type by clicking View classic alerts at the top of the alert page.

Overview

The diagram below represents the flow of alerts.

[Figure: Alert flow]

Alert rules are separated from alerts and the actions that are taken when an alert fires.

Alert rule - The alert rule captures the target and criteria for alerting. The alert rule can be in an enabled or a disabled state. Alerts only fire when enabled.

The key attributes of an alert rule are:

Target Resource - Defines the scope and signals available for alerting. A target can be any Azure resource. Example targets: a virtual machine, a storage account, a virtual machine scale set, a Log Analytics workspace, or an Application Insights resource. For certain resources (like Virtual Machines), you can specify multiple resources as the target of the alert rule.

Signal - Signals are emitted by the target resource and can be of several types: Metric, Activity log, Application Insights, and Log.

Criteria - Criteria are a combination of Signal and Logic applied to a Target resource. Examples:

  • Percentage CPU > 70%
  • Server Response Time > 4 ms
  • Result count of a log query > 100

Alert Name – A specific name for the alert rule configured by the user.

Alert Description – A description for the alert rule configured by the user.

Severity – The severity of the alert once the criteria specified in the alert rule are met. Severity can range from 0 to 4.

Action - A specific action taken when the alert is fired. For more information, see Action Groups.

What you can alert on

You can alert on metrics and logs as described in monitoring data sources. These include but are not limited to:

  • Metric values
  • Log search queries
  • Activity Log events
  • Health of the underlying Azure platform
  • Tests for web site availability

Previously, Azure Monitor metrics, Application Insights, Log Analytics, and Service Health had separate alerting capabilities. Over time, Azure improved and combined both the user interface and different methods of alerting. This consolidation is still in process. As a result, there are still some alerting capabilities not yet in the new alerts system.

Monitor source | Signal type | Description
Service health | Activity log | Not supported. See Create activity log alerts on service notifications.
Application Insights | Web availability tests | Not supported. See Web test alerts. Available to any website that's instrumented to send data to Application Insights. Receive a notification when availability or responsiveness of a website is below expectations.

Manage alerts

You can set the state of an alert to specify where it is in the resolution process. When the criteria specified in the alert rule are met, an alert is created or fired, and it has a status of New. You can change the status when you acknowledge an alert and when you close it. All state changes are stored in the history of the alert.

The following alert states are supported.

State | Description
New | The issue has just been detected and has not yet been reviewed.
Acknowledged | An administrator has reviewed the alert and started working on it.
Closed | The issue has been resolved. After an alert has been closed, you can reopen it by changing it to another state.

Alert state is different from and independent of the monitor condition. Alert state is set by the user. Monitor condition is set by the system. When an alert fires, the alert's monitor condition is set to fired. When the underlying condition that caused the alert to fire clears, the monitor condition is set to resolved. The alert state isn't changed until the user changes it. Learn how to change the state of your alerts and smart groups.
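The independence of the two fields can be modelled directly. The following is an added example, not code from Azure or from the original article: it replays constructed event timelines and flags the two mismatches a reviewer would want to chase. The class, the flag names and the alert names are hypothetical.

```python
USER_STATES = {"New", "Acknowledged", "Closed"}   # changed only by the user
SYSTEM_CONDITIONS = {"Fired", "Resolved"}         # changed only by the system

class Alert:
    def __init__(self, name):
        # A fired alert starts as state New with monitor condition Fired.
        self.name, self.state, self.condition = name, "New", "Fired"
        self.history = []  # (old state, new state) pairs; state changes only

    def apply(self, actor, value):
        if actor == "system" and value in SYSTEM_CONDITIONS:
            self.condition = value  # alert state is deliberately untouched
        elif actor == "user" and value in USER_STATES:
            self.history.append((self.state, value))
            self.state = value
        else:
            raise ValueError(f"{actor!r} cannot set {value!r}")

    def flag(self):
        """Name a state/condition mismatch worth reviewing, else None."""
        if self.state == "Closed" and self.condition == "Fired":
            return "closed-still-firing"
        if self.state == "New" and self.condition == "Resolved":
            return "cleared-unreviewed"
        return None

# Constructed event timelines (hypothetical alert names, not real data).
TIMELINES = {
    "cpu-high-vm2": [("system", "Resolved")],
    "disk-full-db": [("user", "Acknowledged"), ("user", "Closed")],
    "resp-time-web": [("user", "Acknowledged"), ("system", "Resolved"),
                      ("user", "Closed")],
}

def replay(timelines):
    """Return name -> (state, condition, flag, number of state changes)."""
    result = {}
    for name, events in timelines.items():
        alert = Alert(name)
        for actor, value in events:
            alert.apply(actor, value)
        result[name] = (alert.state, alert.condition, alert.flag(),
                        len(alert.history))
    return result

if __name__ == "__main__":
    for name, row in replay(TIMELINES).items():
        print(name, row)
```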

Smart groups

Smart Groups are in preview.

Smart groups are aggregations of alerts based on machine learning algorithms, which can help reduce alert noise and aid in troubleshooting. Learn more about Smart Groups and how to manage your smart groups.

Alerts experience

The default Alerts page provides a summary of alerts that are created within a particular time window. It displays the total alerts for each severity with columns that identify the total number of alerts in each state for each severity. Select any of the severities to open the All Alerts page filtered by that severity.

Alternatively, you can programmatically enumerate the alert instances generated on your subscription(s) by using REST APIs.

The Alerts page does not show or track older classic alerts. You can change the subscriptions or filter parameters to update the page.

[Figure: Alerts page]

You can filter this view by selecting values in the dropdown menus at the top of the page.

Column | Description
Subscription | Select the Azure subscriptions for which you wish to view the alerts. You can optionally choose to select all your subscriptions. Only alerts that you have access to in the selected subscriptions are included in the view.
Resource group | Select a single resource group. Only alerts with targets in the selected resource group are included in the view.
Time range | Only alerts fired within the selected time window are included in the view. Supported values are the past hour, the past 24 hours, the past 7 days, and the past 30 days.

Select the following values at the top of the Alerts page to open another page.

Value | Description
Total alerts | The total number of alerts that match the selected criteria. Select this value to open the All Alerts view with no filter.
Smart groups | The total number of smart groups that were created from the alerts that match the selected criteria. Select this value to open the smart groups list in the All Alerts view.
Total alert rules | The total number of alert rules in the selected subscription and resource group. Select this value to open the Rules view filtered on the selected subscription and resource group.

Manage alert rules

Click Manage alert rules to show the Rules page. Rules is a single place for managing all alert rules across your Azure subscriptions. It lists all alert rules and can be sorted based on target resources, resource groups, rule name, or status. Alert rules can also be edited, enabled, or disabled from this page.

[Figure: Alert rules]

Create an alert rule

Alerts can be authored in a consistent manner regardless of the monitoring service or signal type. All fired alerts and related details are available in a single page.

You create a new alert rule with the following three steps:

  1. Pick the target for the alert.
  2. Select the signal from the available signals for the target.
  3. Specify the logic to be applied to data from the signal.

This simplified authoring process no longer requires you to know the monitoring source or signals that are supported before selecting an Azure resource. The list of available signals is automatically filtered based on the target resource that you select. Also based on that target, you are guided through defining the logic of the alert rule automatically.

You can learn more about how to create alert rules in Create, view, and manage alerts using Azure Monitor.

Alerts are available across several Azure monitoring services. For information about how and when to use each of these services, see Monitoring Azure applications and resources.

All alerts page

Click Total Alerts to see the All Alerts page. Here you can view a list of alerts that were created within the selected time window. You can view either a list of the individual alerts or a list of the smart groups that contain the alerts. Select the banner at the top of the page to toggle between views.

[Figure: All Alerts page]

You can filter the view by selecting the following values in the dropdown menus at the top of the page.

Column | Description
Subscription | Select the Azure subscriptions for which you wish to view the alerts. You can optionally choose to select all your subscriptions. Only alerts that you have access to in the selected subscriptions are included in the view.
Resource group | Select a single resource group. Only alerts with targets in the selected resource group are included in the view.
Resource type | Select one or more resource types. Only alerts with targets of the selected type are included in the view. This column is only available after a resource group has been specified.
Resource | Select a resource. Only alerts with that resource as a target are included in the view. This column is only available after a resource type has been specified.
Severity | Select an alert severity, or select All to include alerts of all severities.
Monitor condition | Select a monitor condition, or select All to include alerts of all conditions.
Alert state | Select an alert state, or select All to include alerts of all states.
Monitor service | Select a service, or select All to include all services. Only alerts created by rules that use the service as a target are included.
Time range | Only alerts fired within the selected time window are included in the view. Supported values are the past hour, the past 24 hours, the past 7 days, and the past 30 days.

Select Columns at the top of the page to select which columns to display.

Alert details page

The Alert details page is displayed when you select an alert. It provides details of the alert and enables you to change its state.

[Figure: Alert details]

The Alert details page includes the following sections.

Section | Description
Summary | Displays the properties and other significant information about the alert.
History | Lists each action taken by the alert and any changes made to the alert. Currently limited to state changes.
Diagnostics | Information about the smart group the alert is included in. The alert count refers to the number of alerts that are included in the smart group. Includes other alerts in the same smart group that were created in the past 30 days regardless of the time filter in the alerts list page. Select an alert to view its detail.

Role-based access control (RBAC) for your alert instances

The consumption and management of alert instances requires the user to have the built-in RBAC role of either monitoring contributor or monitoring reader. These roles are supported at any Azure Resource Manager scope, from subscription level to granular assignments at a resource level. For example, if a user only has 'monitoring contributor' access for virtual machine 'ContosoVM1', then they can consume and manage only alerts generated on 'ContosoVM1'.
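The scoping rule above can be checked offline when reviewing role assignments. The following is an added example, not Azure's own authorization logic and not code from the original article: it models which alerts an assignment covers, comparing scopes on path-segment boundaries so that 'ContosoVM1' does not match 'ContosoVM10'. The subscription ID, resource names and record fields are constructed, and only the two roles the page names are considered.

```python
# Constructed ARM resource IDs (placeholder subscription, hypothetical names).
SUB = "/subscriptions/00000000-0000-0000-0000-000000000000"
RG = SUB + "/resourceGroups/contoso-rg"
VM1 = RG + "/providers/Microsoft.Compute/virtualMachines/ContosoVM1"
VM10 = RG + "/providers/Microsoft.Compute/virtualMachines/ContosoVM10"
STORE = (SUB + "/resourceGroups/other-rg/providers/"
         "Microsoft.Storage/storageAccounts/otherstore")

# Constructed alert records; "targetResource" is an assumed field name.
ALERTS = [
    {"name": "cpu-vm1", "targetResource": VM1},
    {"name": "cpu-vm10", "targetResource": VM10},
    {"name": "latency-store", "targetResource": STORE},
]

# The two built-in roles the page names; other roles are ignored here.
MONITORING_ROLES = {"monitoring contributor", "monitoring reader"}

def scope_covers(scope, resource_id):
    """True if scope is the resource itself or one of its ancestors.

    Resource IDs are compared case-insensitively and on '/' boundaries,
    so a plain string prefix such as ...ContosoVM1 vs ...ContosoVM10
    does not count as a match.
    """
    s = scope.rstrip("/").lower()
    r = resource_id.rstrip("/").lower()
    return r == s or r.startswith(s + "/")

def visible_alerts(assignments, alerts):
    """Names of alerts whose target falls under a monitoring-role scope."""
    scopes = [a["scope"] for a in assignments
              if a["role"].lower() in MONITORING_ROLES]
    return [al["name"] for al in alerts
            if any(scope_covers(s, al["targetResource"]) for s in scopes)]

if __name__ == "__main__":
    vm1_only = [{"role": "Monitoring Contributor", "scope": VM1}]
    print(visible_alerts(vm1_only, ALERTS))
```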

Manage your alert instances programmatically

There are many scenarios where you would want to programmatically query for alerts generated against your subscription. This could be to create custom views outside of the Azure portal, or to analyze your alerts to identify patterns and trends.

You can query for alerts generated against your subscriptions either by using the Alert Management REST API or by using the Azure Resource Graph REST API for Alerts.

The Azure Resource Graph REST API for Alerts allows you to query for alert instances at scale. This is recommended for scenarios where you have to manage alerts generated across many subscriptions.

The following sample request to the API returns the count of alerts within one subscription:

{
  "subscriptions": [
    "<subscriptionId>"
  ],
  "query": "where type =~ 'Microsoft.AlertsManagement/alerts' | summarize count()",
  "options": {
    "dataset": "alerts"
  }
}

The alerts can be queried for their 'essential' fields.

The Alert Management REST API can be used to get more information about specific alerts, including their 'alert context' fields.

Classic alerts

The Azure Monitor metrics and activity log alerting capability before June 2018 is called "Alerts (classic)".

For more information, see Classic alerts.
