Azure Monitor- Alert Management

Azure Alert Management provides a unified alerting experience across all Azure monitoring services including but not limited to Azure Monitor (Metrics and Activity Logs), Application Insights and OMS Log Analytics with support for third party services coming in future.
Azure Alert Management provides features such as alert correlation and state management.
This forum is to discuss anything related to alerting in Azure.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Add ability to Resolve Query Based Alert

    Hi. As for today, query based alert cannot be Resolved at all. Not manually and not by a "good" result. For example, a metric measurement alert rule Fired alert when "Greater Then 10". When the result is less or equal than 10, alert should be Resolved.

    40 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Managing Alerts  ·  Flag idea as inappropriate…  ·  Admin →
  2. Metric alert lifecycle on 30 days expiration

    Currently, Azure Monitor removes alerts after 30 days. For metric alerts, it creates the situation where active (fired) alerts can be removed by the system BEFORE it get into resolved state. This leads to condition when there is no visual indicators in the UI about unhealthy state of the metric. At the same time, Azure Monitor does not fire new notifications as it considers that underlying metric conditions didn't change.
    This gap in the Azure monitoring experience has to be addressed. Ideally, I would love to see next behavior. When system removes 30-days old alert with "Fired" monitor condition, it…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Managing Alerts  ·  Flag idea as inappropriate…  ·  Admin →
  3. Improve acknowledgement experience

    Acknowledging large numbers of alerts is a painfully manual process.
    Portal-based grouping or select-all options would be helpful, as would an API-based function (using Powershell or Azure CLI).

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Managing Alerts  ·  Flag idea as inappropriate…  ·  Admin →
  4. Manage Action Rules via automation tools

    Action rules are great, but I don't see any documentation on how to manage them via CLI, ARM template, and/or Azure PowerShell. This is important so we can update action rules as part of our deployment process. Currently, every time we add a new resource group, it requires action rules to be updated, as different groups of engineers are responsible for different resource groups. This is something that can easily be forgotten, and as such, the ability to manage it programmatically is important.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Managing Alerts  ·  Flag idea as inappropriate…  ·  Admin →
  5. Better Alert / Action Group relationships within Portal UI

    From the 'edit action group' blade (selecting an action group from MicrosoftAzureMonitoring/NotificationReceiversDetailBlade/queryInputs) it would be useful to have a link to a view that shows all of the alerts that currently use the action group

    A summary of that count could also be useful on the manage actions view (https://portal.azure.com/#blade/MicrosoftAzureMonitoring/NotificationGroupsBlade/queryInputs) i.e. a column 'used by x alerts')

    There's a disconnect between alerts and action groups at the moment, navigation and the relationships between them should be easier to understand and manage

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Managing Alerts  ·  Flag idea as inappropriate…  ·  Admin →
  6. Automatically resolve alerts with configurable criteria

    It doesn't appear to be possible to automatically resolve alerts based on a configurable criteria (e.g. the alert has not been triggered for X period). This would be immensely useful for certain alerting scenarios.

    For example, I have an alert which triggers when updates are available for managed Windows servers using a log search condition and email action. Once the updates are installed, the alert will no longer trigger, but the alert is still active in a "New" state unless it's manually closed.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Managing Alerts  ·  Flag idea as inappropriate…  ·  Admin →
  7. BUG: Switching Log Alert API Preference Changes All Alert Rule Names to GUIDs

    Followed this guidance:
    https://docs.microsoft.com/en-us/azure/azure-monitor/platform/alerts-log-api-switch#process-of-switching-from-legacy-log-alerts-api

    Seemed safe enough, but this part is totally incorrect:
    The process of moving alert rules from legacy Log Analytics Alert API does not involve changing your alert definition, query, or configuration in any way. Your alert rules and monitoring are unaffected and the alerts will not stop or be stalled, during or after the switch. The only change is a change in API preference and access to your rules via a new API.

    The process of switching the API preference resulted in all of our Alert Rule names being changed to some combination of GUIDs, completely…

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Managing Alerts  ·  Flag idea as inappropriate…  ·  Admin →
  8. Ability to Suppress "From now" for a configurable amount of time instead of "Always"

    It would be great to be able to have a From Now suppression that would auto-disable after a configurable amount of time to re-enable the alerting automatically. There are options for configurable Endtimes for suppressions but those also start at specific times. I want to be able to easily Suppress something that I know is going on now, maybe for an hour, or 24 hours, and have it automatically re-enable, without needing to go edit the Action Rule settings each time to configure the time range each time.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Managing Alerts  ·  Flag idea as inappropriate…  ·  Admin →
  9. ADF Alerts & metrics for only failed

    Right now, if I configure an alert under 'Alerts & metrics' for 'Failed pipeline runs metrics'. This means I need to get notification only when pipeline get failed, and it work as expected, true.

    But it also send notification for resolved. It is kind of misguided notification. Because no-one resolved that pipeline issue.

    For now there is no way I can configure an alert which notify my developers only when pipeline gets failed.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Managing Alerts  ·  Flag idea as inappropriate…  ·  Admin →
  10. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Managing Alerts  ·  Flag idea as inappropriate…  ·  Admin →
  11. Allow webhooks to authenticate via authentication headers

    CUrrently, providing the tokenID of the webhook in the alert URI is not the most secure method of posting - we would like to be able to use authorization headers to authenticate against our webhook and also identify the source of the post.

    Having tokens in the url is really poor as typically logging software will log the request path + parameters (meaning the tokenID will be exposed),

    8 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Managing Alerts  ·  Flag idea as inappropriate…  ·  Admin →
  12. Increase the flexibility in Email/SMS/Push format.

    The SMS/Push notification is really great, but there are no VM name on it. When customers receive a SMS/Push, they only know a alert is fired, but they don't know which VM is facing the issue. They have to open email to check the details.

    The Email/SMS/Push format might not fit customer's need. Maybe Azure could add some boxes let customer themselves to add the items info they need. such as "ComputerName", "ServicesName".

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Managing Alerts  ·  Flag idea as inappropriate…  ·  Admin →
  13. Suppress Alerts by Machine or User

    We would like to be able to suppress alerts based on the Computer or TargetUserAccount returned in the search query. For example, if I am monitoring disk space every 60 minutes, I should only receive 1 alert for INSTANCE1 but still be able to alert on other instances entering a low disk space condition the next time the alert runs. Similarly, if I alert on a user account failed login attemps, I should be able to exclude just that user but alert on others the next time that alert is polled.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Managing Alerts  ·  Flag idea as inappropriate…  ·  Admin →
  14. Support Combining Dynamic Threshold Criteria with Static Threshold Criteria

    Please support combining dynamic threshold criteria with static threshold criteria. I would like to combine a dynamic threshold with a static threshold. For instance, I would like to fire an alert when the dynamic threshold is exceeded but only when it also exceeds a minimum static threshold.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Managing Alerts  ·  Flag idea as inappropriate…  ·  Admin →
  15. Add Additional Event Triggers on Storage Account Alerting

    Monitoring and alerting on Storage Account resources seems to be focused on metric and general resource administration alert triggers.

    Ability to create/trigger an alert on the addition of a new blob/file to a container/containers in the storage account.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Managing Alerts  ·  Flag idea as inappropriate…  ·  Admin →
  16. Azure Monitor alert email format

    I would like the alert email format to be compatible with the text format.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Managing Alerts  ·  Flag idea as inappropriate…  ·  Admin →
  17. Store the alert state in Log Analytics together with existing alert information

    Azure Monitor alert information are not written/reported into log analytics, hence it's not easy to create any visualization about alert state aggregation, trending and so on. Why not implementing a native write operation into log analytics or a solution which moves alert data to it?

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Managing Alerts  ·  Flag idea as inappropriate…  ·  Admin →
  18. Allow to select all alerts of a smart group (not only visible)

    When viewing an alert smart group there's a possibility to select and edit all alerts at once. The issue is, that the "select all" option only selects the visible alerts of the current page. It doesn't select all alerts of all pages.
    If there are lots of alerts in a smart group it's very painful to iterate through all pages and process the activities for every page.
    It would be very useful to change the behavior of the "select all" option to really select all alerts (including alerts of other pages) or to add further select option to enable the…

    10 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Managing Alerts  ·  Flag idea as inappropriate…  ·  Admin →
  19. all changing smart group alert state to change the state of the alert

    It is unclear to me why it makes sense to create smart groups that you can change state for but then not have the state of the "smart group" not also change the state of the individual alerts that make up that smart group.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Managing Alerts  ·  Flag idea as inappropriate…  ·  Admin →
  20. Alert Resolution and Refired Alert During a Single Interval Behavior

    Currently if an alert is fired then resolved and triggered again during a single interval then you only get alerted once. The problem with this is you will not receive an alert for the second time the alert is fired thus giving the person who resolved the first alert the impression that everything is fixed when in fact there is now a new error that needs to be resolved.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Managing Alerts  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3
  • Don't see your idea?

Feedback and Knowledge Base