![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(201.6, 78%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESR%3C/text%3E%3C/svg%3E)
Azure Monitor
An Azure service that is used to collect, analyze, and act on telemetry data from Azure and on-premises environments.
2,812 questions
Hi,
The ability to customize the webhook payload was available in legacy API for Log Alerts. More here and here. Recommendation is to migrate to the new API for alerts. Probably the portal was updated to use the new API only or you are using it on workspace that was created after June 2019. If you use the new API (scheduledQueryRules) with version 2018-04-16 you are using Log Alert v1 and if you use with version 2021-02-01-preview you are using Log Alert v2. Both of these APIs support adding custom static data to the webhook payload via customWebhookPayload property. If you use Log Alert v1 search results will be send via the webhook payload. If you use Log Alert v2 only the fields (columns) defined in dimensions will be send via the webhook payload. If you want the full search results with Log Alert v2 in the webhook payload you have links to the Log Analytics query API that you can use to get the data programmatically. I am not sure if customWebhookPayload is exposed trough the Portal but it should be possible to define it if you use the API via ARM template deployments for example. In any case it is best to plan your migration from legacy API to Log Alert v1 or v2.
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.