How to send events to Azure monitor alerts (Preview)
This article describes how Azure Event Grid delivers Azure Key Vault events as Azure Monitor alerts.
Important
Azure Monitor alerts as a destination in Event Grid event subscriptions is currently available only for Azure Key Vault system events.
Overview
Azure Monitor alerts help you detect and address issues before users notice them by proactively notifying you when Azure Monitor data indicates there might be a problem with your infrastructure or application.
Azure Monitor alerts as a destination in Event Grid event subscriptions allow you to receive notification of critical events via Short Message Service (SMS), email, push notification, and more. You can leverage the low latency event delivery of Event Grid with the direct notification system of Azure Monitor alerts.
Azure Monitor alerts
Azure Monitor alerts have three resources: alert rules, alert processing rules, and action groups. Each of these resources is its own independent resource and can be mixed and matched with each other.
- Alert rules: defines a resource scope and conditions on the resources’ telemetry. If conditions are met, it fires an alert.
- Alert processing rules: modify the fired alerts as they're being fired. You can use these rules to add or suppress action groups, apply filters, or have the rule processed on a predefined schedule.
- Action groups: defines how the user wants to be notified. It’s possible to create alert rules without an action group if the user simply wants to see telemetry condition metrics.
Creating alerts from Event Grid events provides you with the following benefits.
- Additional actions: You can connect alerts to action groups with actions that aren't supported by event handlers. For example, sending notifications using email, SMS, voice call, and mobile push notifications.
- Easier viewing experience of events/alerts: You can view all alerts on their resources from all alert types in one place, including alerts portal experience, Azure Mobile app experience, Azure Resource Graph queries, etc.
- Alert processing rules: You can use alert processing rules, for example, to suppress notifications during planned maintenance.
How to subscribe to Azure Key Vault system events
Azure Key Vault can emit events to a system topic when a certificate, key, or secret is about to expire (30 days heads up), and other events when they do expire. For more information, see (Azure Key Vault event schema). You can set up alerts on these events so you can fix expiration issues before your services are affected.
Prerequisites
Create a Key Vault resource by following instructions from Create a key vault using the Azure portal.
Create and configure the event subscription
When creating an event subscription, follow these steps:
- Enter a name for event subscription.
- For Event Schema, select the event schema as Cloud Events Schema v1.0. It's the only schema type that's supported for Azure Monitor alerts destination).
- Select the Topic Type to Key Vault.
- For Source Resource, select the Key Vault resource.
- Enter a name for the Event Grid system topic to be created.
- For Filter to Event Types, select the event types that you're interested in.
- For Endpoint Type, select Azure Monitor Alert as a destination.
- Select Configure an endpoint link.
- On the Select Monitor Alert Configuration page, follow these steps.
Select the alert severity.
Select the action group (optional), see Create an action group in the Azure portal.
Enter a description for the alert.
Select Confirm Selection.
- Now, on the Create Event Subscription page, select Create to create the event subscription. For detailed steps, see subscribe to events through portal.
Manage fired alerts
You can manage the subscription directly in the source (e.g. Key Vault resource) by selecting the Events blade or by accessing to the Event Grid system topic resource, see the following references: blob event quickstart, and manage the system topic.
Fire alert instances
Now, Key Vault events will appear as alerts and you can view them in alerts blade. See this article to learn how to manage alert instances.
Next steps
See the following articles:
Feedback
https://aka.ms/ContentUserFeedback.
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see:Submit and view feedback for