Azure Monitor Alerts using webhook to Microsoft Teams - No messages to Teams
Managed to crack it and get it working everyone!
Using Azure Automation, a runbook/webhook.
Added the following as a runbook (update your uri):
param
(
[Parameter (Mandatory=$false)]
[object] $WebhookData
)
if ($WebhookData)
{
# Get the data object from WebhookData.
$WebhookBody = (ConvertFrom-Json -InputObject $WebhookData.RequestBody)
$alertName = $WebhookBody.alertname
$alertDescription = $WebhookBody.alertDescription
$linkToSearch = $WebhookBody.linktosearchresults
$query = $WebhookBody.searchquery
$results = $WebhookBody.resultcount
$AlertThreshold = $WebhookBody.AlertThreshold
$AlertThresholdValue = $WebhookBody.AlertThresholdValue
$StartTime = $WebhookBody.SearchStartTime
$EndTime = $WebhookBody.SearchEndTime
$formatLink = "[Link]($linkToSearch)"
$formatMessage = "$alertName has exceeded the threshold $AlertThreshold $AlertThresholdValue. Results returned: $results"
$uri = 'https://teams-connector-uri'
$body = ConvertTo-Json -Depth 4 @{
summary = $alertName
sections = @(
@{
activityTitle = $alertName
activitySubtitle = $alertDescription
activityText = $formatMessage
},
@{
title = 'Details'
facts = @(
@{
name = 'Query time range. (UTC)'
value = "$StartTime $EndTime"
},
@{
name = 'Link to search results'
value = $formatLink
},
@{
name = 'Query Executed'
value = $query
}
)
}
)
}
Invoke-RestMethod -uri $uri -Method Post -body $body -ContentType 'application/json'
}
Then generate a webhook for the runbook and add this into the Azure Alert.
In the azure alert i’ve set the custom payload to this:
{ "AlertName":"#alertrulename", "AlertDescription":"#description
*(Réponse tronquée)*