Set up monitoring notifications with Azure Monitor alerts

After setting up Azure Monitor integration, you can start setting up monitoring notifications with Azure Monitor alerts.

Azure Monitor alerts is a unified notification hub for all types of important conditions found in Azure monitoring data. The integration of Azure Monitor alerts enables you to consume alerts, which are automatically transformed into events that are leveraged by Davis AI for deeper insights.

To set up monitoring notifications with Azure Monitor alerts, complete the following steps.

Create an API token

Configure one or more designated ActiveGates

Configure Azure Monitor alerts via webhook

Create an API token

To generate an API token

Go to Access Tokens.
Select Generate new token.
Enter a name for your token.
Find and select the Ingest metrics scope.
Select Generate token.
Select Copy to copy the generated token to the clipboard. Store the token in a password manager for future use.

You can assign multiple permissions to a single token, or you can generate several tokens, each with different access levels, and use them accordingly. Check your organization's security policies for best practices.

Configure one or more designated ActiveGates

The ActiveGate designated to consume Azure Monitor alerts doesn’t have to be the same ActiveGate that runs the Azure Monitor integration. It can be any other Azure monitoring-enabled ActiveGate.

To configure a designated ActiveGate to consume Azure Monitor alerts:

Configure a valid TLS certificate (not a self-signed certificate) for the ActiveGate to communicate via HTTPS. Ensure that the root certificate is accepted by Azure. For details, see how to configure custom SSL certificate for an ActiveGate.
Add the following lines to your ActiveGate custom.properties file and restart the ActiveGate after applying the configuration.
```
[azure_monitoring]
event_servlet = true
```
Give access to ActiveGate for Azure Monitor alerts source IP addresses.

For more details, see source IP address ranges in Azure documentation.

Configure Azure Monitor alerts via webhook

Currently, the events/alerts ingested via Azure Monitor alerts webhook don’t consume DDUs—although, it might change in the future.

Azure Monitor alerts consumed via webhooks are configured in your Azure Alert Rules. The alerts are mapped to the closest known matching entity. This means that they either map to their related Azure resource entity or, as a fallback, to the Azure subscription of the resource.

To configure Azure Monitor alerts via webhook, you need to create an alert rule and an action group that will trigger a webhook.

In Azure Portal, go to Home > Monitor > Alerts > Create > Alert rule.
Select Scope > Select scope.
Filter for and select the resource you want to monitor, and then select Done.
Select Condition > Add condition.
Filter for, select, and customize the signal type that will trigger your alert.
Select Next: Actions > Create action group.
Enter the subscription that will manage the deployed resources and costs, the resource group to which the subscription belongs, and the name (and display name) for the action group.
Select Actions and enter the following values:
- For Action type, select Webhook and enter a name.
- For URI, enter https://<YOUR_ACTIVEGATE_ADDRESS>:9999/modules/azure_monitoring/alerts_webhook?token=<YOUR_API_TOKEN>, making sure to replace <YOUR_ACTIVEGATE_ADDRESS> and <YOUR_API_TOKEN> with your own values.
Leave the common alert schema disabled, and then select OK.

The common alert schema is not supported.

Select Review and create > Create.

After the action group is created, you can view and edit it in Alerts > Action groups.

For more information, see Webhook rules in Azure documentation.

Alert types

The following alert types are supported.

Metric alerts

Metric alerts are complementary to Dynatrace integration of Azure Monitor metrics.

Metric alerts enable you to retrieve metric-based events without the need to push the metrics to Dynatrace. This is helpful in reducing API and network pressure, especially in cases where you might not need the metric (for example, for charting purposes).

The event type is defined based on alert Severity:

Sev-0 (Critical): ERROR_EVENT
Sev-1 (Error): PERFORMANCE_EVENT
Sev-2 (Warning): RESOURCE_CONTENTION_EVENT
Default (Informational): CUSTOM_ANNOTATION

Activity log alerts

Dynatrace supports three types of activity notifications.

Activity log resource health

The event type is defined based on severity Level:

Critical: AVAILABILITY_EVENT
Error: AVAILABILITY_EVENT
Default: CUSTOM_ANNOTATION

See Configure resource health alerts using Azure portal in Azure documentation for more information.

Activity log service health

The event type is defined based on IncidentType

Case ActionRequired: ERROR_EVENT
Case Incident or Security:
- Level Error: ERROR_EVENT
- Level Info or Warning: CUSTOM_ANNOTATION
Case Maintenance or Information: CUSTOM_ANNOTATION

Root cause analysis

Events with Properties.stage=RCA are skipped. We don't support stage RCA for service health.

See Create activity log alerts on service notifications using the Azure portal in Azure documentation for more information.

Activity log administrative

Default: CUSTOM_ANNOTATION