Today’s organizations are using multiple tools and environments for their day-to-day operation. As a result, many prefer a one central management system to operate their service across the stack. The integration of Azure Monitor Alerts with ITSM ticketing systems (e.g. ServiceNow) was created with this goal in mind.
Azure Monitor is a cloud-based offering that helps you to reliably monitor the performance and availability of your cloud services. Azure Monitor collects and analyzes telemetry from your cloud as well as on-premises environments. Azure Monitor alerts uses this data and gives proactively notifies you when a metric value or a log query result indicates a problem.
Why do we need integration between Azure Alerts and ITSM systems?
Integrating a monitoring and service management systems provides a single view of tickets/incidents in one central system regardless the underlying cloud technology. Thus, it enables a multi-cloud strategy of monitoring both cloud and on-premises services integrated with all the other monitored items in an organization.
When an organization has common processes and one unified KPI management system, they can operate across their stack view and improve per the operational and business needs.
How can we establish the integration between Azure Alerts and ITSM systems?
out of the various ways to integrate, in this article we will explore two integration options ITSM connector integration and logic app.
As a customer, you can select how you want to be notified about an alert using action group. Notification can go through email, SMS, Webhook or even an automated solution. You can also choose to use ITSM or a Logic app:
Code exmaple:
{
"definition": {
"$schema": "https://schema.management.azure.com/providers/Microsoft.Logic/schemas/2016-06-01/workflowdefinition.json#",
"actions": {
"Create_Record": {
"inputs": {
"body": {
"assigned_to": "Customer",
"assignment_group": "Best Practices Group",
"business_service": "SAP Enterprise Services",
"caller_id": "Caller",
"category": "Network",
"cmdb_ci": "@triggerBody()?['data']?['essentials']?['originAlertId']",
"contact_type": "Email",
"description": "@triggerBody()?['data']?['essentials']?['alertId']",
"impact": "1",
"number": "@triggerBody()?['data']?['essentials']?['alertId']",
"priority": "2",
"severity": "@triggerBody()?['data']?['essentials']?['severity']",
"short_description": "Desc",
"subcategory": "retailEUS8",
"urgency": "3",
"work_notes_list": "Notes\nNotes\nNotes"
},
"host": {
"connection": {
"name": "@parameters('$connections')['service-now']['connectionId']"
}
},
"method": "post",
"path": "/api/now/v2/table/@{encodeURIComponent('incident')}",
"queries": {
"sysparm_display_value": true,
"sysparm_exclude_reference_link": true
}
},
"runAfter": {},
"type": "ApiConnection"
},
"HTTP_Webhook": {
"inputs": {
"subscribe": {
"body": "×@{triggerBody()?['data']}",
"method": "POST",
"uri": "https://ven01958.service-now.com/api/now/v2/table/incident"
},
"unsubscribe": {}
},
"runAfter": {
"HTTP_Webhook_2": [
"Succeeded"
]
},
"type": "HttpWebhook"
},
"HTTP_Webhook_2": {
"inputs": {
"subscribe": {
"body": "@triggerBody()?['data']",
"method": "POST",
"uri": "https://webhook.site/5fdbe59b-f395-40df-af4d-8a91a7462c96"
},
"unsubscribe": {}
},
"runAfter": {},
"type": "HttpWebhook"
}
},
"contentVersion": "1.0.0.0",
"outputs": {},
"parameters": {
"$connections": {
"defaultValue": {},
"type": "Object"
}
},
"triggers": {
"manual": {
"inputs": {
"schema": {
"properties": {
"data": {
"properties": {
"alertContext": {
"properties": {},
"type": "object"
},
"essentials": {
"properties": {
"alertContextVersion": {
"type": "string"
},
"alertId": {
"type": "string"
},
"alertRule": {
"type": "string"
},
"alertTargetIDs": {
"items": {
"type": "string"
},
"type": "array"
},
"description": {
"type": "string"
},
"essentialsVersion": {
"type": "string"
},
"firedDateTime": {
"type": "string"
},
"monitorCondition": {
"type": "string"
},
"monitoringService": {
"type": "string"
},
"originAlertId": {
"type": "string"
},
"resolvedDateTime": {
"type": "string"
},
"severity": {
"type": "string"
},
"signalType": {
"type": "string"
}
},
"type": "object"
}
},
"type": "object"
},
"schemaId": {
"type": "string"
}
},
"type": "object"
}
},
"kind": "Http",
"type": "Request"
}
}
},
"parameters": {
"$connections": {
"value": {
"service-now": {
"connectionId": "/subscriptions/9b224e0b-fa4c-40eb-9472-d7798d293138/resourceGroups/Noga-RG/providers/Microsoft.Web/connections/service-now",
"connectionName": "service-now",
"id": "/subscriptions/9b224e0b-fa4c-40eb-9472-d7798d293138/providers/Microsoft.Web/locations/centralus/managedApis/service-now"
}
}
}
}
}
What are the pros and cons for each option?
ITSM connector:
Logic app:
In conclusion, the main difference between the two is the robustness of the integration. ITSM is easy to use though it is robust. Logic apps on the other hand are very flexible, but the configuration might be complex. As a customer, you need to define your priorities and evaluate which is the best solution for your organization.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.