Azure Logs

Create alerts in ilert based on Azure Logs queries.

In ilert: Create an Azure Alerts alert source

  1. Go to Alert sources --> Alert sources and click on Create new alert source

  2. Search for Azure Alerts in the search field, click on the Azure Alerts tile and click on Next.

  3. Give your alert source a name, optionally assign teams and click Next.

  4. Select an escalation policy by creating a new one or assigning an existing one.

  5. Select you Alert grouping preference and click Continue setup. You may click Do not group alerts for now and change it later.

  6. The next page show additional settings such as customer alert templates or notification prioritiy. Click on Finish setup for now.

  7. On the final page, an API key and / or webhook URL will be generated that you will need later in this guide.

In Azure: Create a query

  1. Go to Azure Portal and then to Monitor.

  1. Then go to Logs and create a query for which you’d like to create an alert.

  1. Then click on the New alert rule button**.**

  1. On the next page change the Condition for the alerts and click on the Add action groups.

  1. On the modal window click on the Create action group button.

  1. On the next page name the group e.g. iLert and click on the Actions tab.

  1. **On the Actions tab, click on the Action type and choose Webhook.**

  1. On the modal window in the URI section and **paste the Webhook URL that you generated in ilert and click on OK**. Name the action e.g.** ilert and click on the Review + create** button.

  1. On the next page click on the Create button.

  1. On the next page scroll down to the Alert rule details section, name the alert rule and click on the Create alert rule button.

  1. Finished! Your Azure Logs alerts will now create alerts in ilert.

FAQ

Will alerts in ilert be resolved automatically?

No, unfortunately Azure Log alert do not fire resolve events.

Can I connect Azure Sentinel with multiple alert sources from ilert?

Yes, simply create more alert rules in Azure Alerts

Last updated