How can I suppress duplicate notifications from Azure Monitor alerts after receiving the first relevant alert?

Question

How can I suppress duplicate notifications from Azure Monitor alerts after receiving the first relevant alert?

Saurabh_Pilankar 0

I have configured pod restart alerts using a Log Analytics workspace, so that I receive an alert whenever a pod restarts. The alert evaluation frequency is set to every 5 minutes.

However, while I'm troubleshooting the issue, the alert keeps triggering every 5 minutes for the same pod, resulting in multiple duplicate notifications.

I would like to suppress these duplicate alerts — so that after the first alert is triggered, no additional notifications are sent for the same issue. Once the issue is resolved, if the pod restarts again in the future, I want to receive a new alert (but again, only once).

How can I configure this behavior in Azure Monitor?

Pranay Reddy Madireddy 4,510 Reputation points Microsoft External Staff Moderator

2025-04-25T17:46:32.4733333+00:00

Hi Saurabh_Pilankar
Just checking in to see if the below answer provided by @Jose Benjamin Solis Nolasco helped. If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.
Pranay Reddy Madireddy 4,510 Reputation points Microsoft External Staff Moderator

2025-04-28T20:27:34.35+00:00

Hi Saurabh_Pilankar

We haven't heard back from you. Please reply if you have any questions in this matter and we will gladly continue the discussion.

1 answer

Your answer

Pranay Reddy Madireddy 4,510 Reputation points Microsoft External Staff Moderator

2025-04-25T17:46:32.4733333+00:00

Hi Saurabh_Pilankar
Just checking in to see if the below answer provided by @Jose Benjamin Solis Nolasco helped. If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.
Pranay Reddy Madireddy 4,510 Reputation points Microsoft External Staff Moderator

2025-04-28T20:27:34.35+00:00

Hi Saurabh_Pilankar

We haven't heard back from you. Please reply if you have any questions in this matter and we will gladly continue the discussion.

Answer 1

Hello,

You can follow this guide https://learn.microsoft.com/en-us/azure/azure-monitor/alerts/alerts-processing-rules?tabs=portal in order to avoid duplicate alerts, there's not a single switch to do it you have multiple options like;

Aggregation adjustments (using a larger time window),
Auto-mitigation configuration, and/or
Custom query logic (to filter duplicate events),

Aggregation Window: Instead of simply running your query every five minutes over a short window, you can set an aggregation window that spans a longer period. For example, if you set your evaluation frequency to five minutes but use an aggregation window of 10 or 15 minutes, the query will only produce one result for multiple events within that period. This reduces the chance of getting repeatedly triggered alerts for the same event.

Auto-Mitigation: Some scheduled query alert types support an auto-mitigate (or “deduplication”) behavior. With auto-mitigation enabled, once an alert is triggered, Azure Monitor will not generate additional alert notifications until the alert condition resolves—that is, until the query returns no results in a subsequent evaluation. (Keep in mind that available options can vary between legacy and newer alert types.)

Ensure that your alert rule is configured so that when the condition stops being met (for example, when the pod stops restarting), the alert resolves before a new instance may be triggered.

😊 If my answer helped you resolve your issue, please consider marking it as the correct answer. This helps others in the community find solutions more easily. Thanks!

Share via

How can I suppress duplicate notifications from Azure Monitor alerts after receiving the first relevant alert?

1 answer

Your answer