Set up integration for Azure Alerts

Azure Alerts is a unified notification hub for all types of important conditions found in Azure monitoring data.

The integration of Azure Alerts enables you to consume alerts, which are automatically transformed into events that are leveraged by Davis AI for deeper insights.

How Azure Alerts are integrated

Azure Alerts are consumed via webhooks that are configured in your Azure Alert Rules.

The alerts are mapped to the closed matching known entity. This means that they either map to their related Azure resource entity or, as a fallback, to the Azure subscription of the resource.

The following alert types are supported:

Metric alerts

Metric alerts are complementary to Dynatrace integration of Azure Monitor metrics.

Metric alerts allow you to retrieve metric based events without the need to push the metrics to Dynatrace. This is helpful in reducing API and network pressure, especially in cases where you may not need the metric (for example, for charting purposes).

The event type is defined based on alert severity:

  • Sev-0: ERROR_EVENT
  • Sev-1: PERFORMANCE_EVENT
  • Sev-2: RESOURCE_CONTENTION
  • Sev-3: CUSTOM_ANNOTATION

Activity alerts

Activity Alerts provide various types of notifications including Administrative, Service Health, Autoscale, Security, Policy, and Recommendation.

This opens up a whole new set of insights that you can add to your performance telemetry, including a maintainance event that signifies temporary unavailability.

Before you begin

The following is required to send Azure Alerts into Dynatrace:

  • Enabled Azure Monitor integration
  • A Dynatrace API-token with access scope Import data and events from external sources
  • One or more designated ActiveGates with valid TLS certificate

How to create an API token

To generate an API token:

  1. Select Settings in the navigation menu.
  2. Go to Integration > Dynatrace API.
  3. Click the Generate token button.
  4. Enter a name for your token.
  5. Select the Import data and events from external sources permission.
  6. Click Generate.

You can assign multiple permissions to a single token, or you can generate several tokens, each with different access levels, and use them accordingly. Check your organization's security policies for best practices.

How to set up your ActiveGate to consume Azure Alerts

  1. The Azure Alert webhooks require a valid TLS certificate (No self-signed certificate) to communicate via HTTPS. For details, see how-To configure custom SSL certificate for an ActiveGate.

  2. Add the following lines to your ActiveGate custom.properties file and restart the ActiveGate after the configuration has been applied:

[azure_monitoring]
event_servlet = true

Note The ActiveGate designated to consume Azure Alerts doesn't necessary have to be the same ActiveGate that runs the Azure Monitor integration.

How to set up your Azure Alert Rules

Read more about Azure Alert Rules configuration.

When defining action rules, use following settings:

URI

 https://[Your-Activegate-Address]:9999/modules/azure_monitoring/alerts_webhook?token=[Your-API-Token]

Enable the common alert schema

 No

Advanced configuration

Whitelist Azure Alert source IP addresses for ActiveGate access

You can find the most recent list of source IP addresses in the Azure documentation.

Troubleshooting

What happens if the ActiveGate isn't reachable

If your ActiveGate isn't reachable while sending an alert, Azure Alerts will re-attempt the send.

Events are missed

If an event is sent in an unknown format (for example, common schema) or sent from a subscription that is unkown to Dynatrace (for example, the provided service principal doesn't have read permissions to the subscription), the event will be dropped. In the Azure Integration config section in the settings, you can view statistics of the events which couldn't be handled.