Skip to content

Latest commit

 

History

History
30 lines (24 loc) · 1.6 KB

README.md

File metadata and controls

30 lines (24 loc) · 1.6 KB

AzureMonitorAlertToSlack

A library for summarizing Azure alerts (using JWMB.AzureMonitorCommonAlertSchemaTypes) and posting them to Slack (using SlackNet).

Real-world usage example here: https://github.com/JWMB/AzureFunctionAlert2Slack/blob/main/AzureFunctionAlert2Slack/RequestToSlackFunction.cs

Notes

  • Provide a custom Azure message summarizer by injecting your own implementation of IDemuxedAlertHandler into AlertInfoFactory
    • The design ensures that when JWMB.AzureMonitorCommonAlertSchemaTypes is extended with more signal types, the IDemuxedAlertHandler must implement those additions (or it will not compile)
  • (In progress) For Log Alerts V2 where SearchQuery is present, fetch query results from the corresponding Azure service (Log Analytics or Application Insights)
    • Currently relies on Managed Identity authorization
    • Azure.Monitor.Query.LogsQueryClient doesn't parse the response properly

Simplified usage (error handling omitted for readability)

[FunctionName("HttpAlertToSlack")]
public static async Task<IActionResult> Run(
    [HttpTrigger(AuthorizationLevel.Function, "post", Route = null)] HttpRequest req,
    IAlertInfoFactory alertInfoFactory, IMessageSender sender,
    ILogger log)
{
    var requestBody = await new StreamReader(req.Body).ReadToEndAsync();
    var summary = await alertInfoFactory.Process(requestBody);
    var messages = messageFactory.CreateMessages(summary);

    await sender.SendMessage(messages);

    return new OkObjectResult("");
}