Score:-1

Azure alert chained processing

I need your advice on which way to choose to solve the following task: upon firing of an Azure alert, I need to enrich it with additional data and send a summary to either/both email and Teams:

                                /--> Teams
Alert -> Python Script -> ... -+ 
                                \--> E-Mail

Simply sending the alert by email is included in Alerts, but this way provides only links to the Portal, which is not an option (I need to send the alert to 3rd parties, which have no access to the Portal; also, I need to enrich the data with additional information). Integration with both Teams/Exchange365 is available in Logic App, but it doesn't allow adding an intermediate script for processing and enriching data. So, the only available option seems to be an Azure Function (standalone or part of a Runbook), called by the Alert Action Group, which then (after data processing is done) will call - what? - a Logic App? Or directly different Webhooks (Teams / Exchange)? Other ways?

So, the question is about general knowledge - what's the most straightforward and simple way to get the task (enrich alert data and send it outside of the subscription) solved? Which components of the Azure offering should be used, and in which sequence?

Thank you.

Score:2

I would combine Logic Apps and Functions. You can use your logic app to perform orchestration, including sending Teams and email messages; you can also use it to trigger the function to run the Python script.

The function integration in Logic Apps can also receive the results of the function, so there is no need for the function to call further services. It just needs to return the data you need to the logic app, which can then consume it and pass it on however you like.

Volodymyr Litovka
Thank you, Sam. I did it exactly this way, just did not report it here - the Alert triggers the Function, it does all the job and then calls the Logic App. There were and still are questions, like which access policies need to be configured on the Storage Account for it to work and deploy, but these are already small pieces of the combined puzzle.
Score:0

The scheme finally implemented is the following:

                                                       +-------+
                                                   +-->+ Teams |
 +-------+        +----------+         +-------+   |   +-------+
 | Azure |        |  Azure   |         | Logic +---+
 | Alert +--------> Function |--------->  App  |
 |       |        |          |         |       +---+
 +-------+        +----------+         +-------+   |   +-------+
                                                   +-->+ Email |
                                                       +-------+

where the Azure Function is written in Python and does all the jobs with the input data, prepares the input data and calls the Logic App, which in turn calls Exchange and/or Teams using existing integrations.
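
The Function step in the scheme above, as an added example that is not part of the original posts. It assumes the action group sends the Azure Monitor common alert schema and that the Logic App starts with an HTTP request trigger; `build_summary`, `send_to_logic_app`, the `enrich` callback and the `LOGIC_APP_URL` setting are hypothetical names.

```python
import json
import os
import urllib.request

# Constructed sample in the Azure Monitor common alert schema (all values made up).
_VM_ID = "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg-example/providers/microsoft.compute/virtualmachines/vm-example"
SAMPLE_ALERT = {
    "schemaId": "azureMonitorCommonAlertSchema",
    "data": {
        "essentials": {
            "alertRule": "cpu-high-example",
            "severity": "Sev2",
            "monitorCondition": "Fired",
            "firedDateTime": "2024-01-01T10:00:00Z",
            "description": "CPU above 90% for 5 minutes",
            "alertTargetIDs": [_VM_ID],
        },
    },
}


def build_summary(alert, enrich):
    """Turn an alert payload into a portal-free summary for external recipients."""
    if alert.get("schemaId") != "azureMonitorCommonAlertSchema":
        raise ValueError("unexpected alert schema")
    ess = alert["data"]["essentials"]
    # Forward resource names only: full ARM IDs carry the subscription ID.
    resources = [rid.rstrip("/").rsplit("/", 1)[-1] for rid in ess.get("alertTargetIDs", [])]
    return {
        "rule": ess.get("alertRule", "unknown"),
        "severity": ess.get("severity", "unknown"),
        "state": ess.get("monitorCondition", "unknown"),
        "fired": ess.get("firedDateTime"),
        "description": ess.get("description", ""),
        "resources": resources,
        # enrich is a caller-supplied lookup (hypothetical): resource name -> extra data.
        "details": {name: enrich(name) for name in resources},
    }


def send_to_logic_app(summary, url=None):
    """POST the summary to the Logic App HTTP trigger; returns the HTTP status."""
    # The trigger URL embeds a SAS signature, so read it from app settings.
    url = url or os.environ["LOGIC_APP_URL"]  # hypothetical setting name
    req = urllib.request.Request(
        url, data=json.dumps(summary).encode("utf-8"),
        headers={"Content-Type": "application/json"}, method="POST")
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.status
```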
