Azure Logic apps and Azure Alerts - Getting info from the logs

Question

Hi,&nbsp;I have been migrating from legacy log alerts to scheduled query rules which I use for monitoring our on-prem server.&nbsp; The process was painless but the new email alerts compared to the legacy ones are missing important fields like computer name, event data and description which means we have to go into Azure, drill through the logs and find the issue - time consuming.&nbsp;I then found I could use Azure Logic apps for the alert notifications and following this Microsoft guide (LINK) I got that setup and it is working but I am still missing the fields in the email.&nbsp; My questions is how do I pull in the data from the Log query result into the Logic App, ideally I'd want the following columns from the logs - Computer, Eventlevelname, RenderedDescription.&nbsp;Any pointers gratefully received.&nbsp;CheersRob

matthias-braun · Answer

Hi&nbsp;Rob-CTL&nbsp;&nbsp;I don't know the procedure directly, as I haven't yet done it via a logic app, but I have noticed the following:&nbsp;The alert schema is inserted in point 8 (Create Logic App). This is the data that can be transferred/used from Azure.&nbsp;The schema must therefore be extended. For example, the server name is:&nbsp;,
"configurationItems": {
      "type": "string"
}&nbsp;&nbsp;Now the "configraitonItems" field should also be available in the Send to email v2 action.&nbsp;Assuming, obviously, that the alert contains these details.&nbsp;I hope this helps you a bitMatthias&nbsp;&nbsp;

Forum Discussion

Azure Logic apps and Azure Alerts - Getting info from the logs

1 Reply

Resources