Create alerts in ilert based on Azure Logs queries.
- 1.Go to the "Alert sources" tab and click Create new alert source
- 2.Enter a name and select your desired escalation policy. Select "Azure Alerts" as the Integration Type and click on Save.
- 1.On the next page, a Webhook URL is generated. You will need this URL below when setting up the alert action in Azure Alerts.
- 1.Then go to Logs and create a query for which you’d like to create an alert.
- 1.Then click on the New alert rule button**.**
- 1.On the next page change the Condition for the alerts and click on the Add action groups.
- 1.On the modal window click on the Create action group button.
- 1.On the next page name the group e.g. iLert and click on the Actions tab.
- 1.**On the Actions tab, click on the Action type and choose Webhook.**
- 1.On the modal window in the URI section and **paste the Webhook URL that you generated in ilert and click on OK**. Name the action e.g.** ilert and click on the Review + create** button.
- 1.On the next page click on the Create button.
- 1.On the next page scroll down to the Alert rule details section, name the alert rule and click on the Create alert rule button.
Finished! Your Azure Logs alerts will now create alerts in ilert.
Will alerts in ilert be resolved automatically?
No, unfortunately Azure Log alert do not fire resolve events.
Can I connect Azure Sentinel with multiple alert sources from ilert?
Yes, simply create more alert rules in Azure Alerts