Share via

Custom webhook payloads for Smart Alerts with Common Alert Schema

Jens 0 Reputation points
2025-01-03T11:24:26.8966667+00:00

I'm trying to define an alert rule for a Smart Alert, where the trigger should be an action group with a webhook using the Common Alert Schema. I need to include some custom properties to the webhook as well.

I'm currently defining the alert rule using terraform, and the definition looks something like this:

resource "azurerm_monitor_smart_detector_alert_rule" "MemoryLeakDetector" {
  enabled             = true
  name                = "MemoryLeakDetector"
  resource_group_name = var.resource_group_name
  severity            = "Sev3"
  scope_resource_ids  = [var.scope_resource_id]
  frequency           = "P1D"
  detector_type       = "MemoryLeakDetector"
  action_group {
    ids = [var.oncall_action_group_id]
    webhook_payload = jsonencode({
      CustomProperty1 = "FooBar"
    })
  }
}

For the custom payload that ends up in the JSON definition of the rule under properties.actionGroups.customWebhookPayload which is different from when I define regular metric/log search rules. Those also have the action group part of terraform looking slightly different, like this instead:

action {
  action_group_id = var.oncall_action_group_id
  webhook_properties = {
    CustomProperty1 = "FooBar"
  }
}

And then it instead ends up in the JSON definition in properties.actions.customProperties.

For the regular metric/log search rules, when they are triggered the custom payload comes through and is present as described by the common alert schema. However, for the Smart Alert rules, the custom payload isn't present in the body of the call to the webhook at all.

All rules use the same action group with the same webhook, and all of them use the common alert schema.

Is there something wrong with my assumptions here, and how can I get the custom payload onto the body of the call when using smart alert rules?

Azure Monitor
Azure Monitor
An Azure service that is used to collect, analyze, and act on telemetry data from Azure and on-premises environments.
3,412 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Pranay Reddy Madireddy 1,395 Reputation points Microsoft Vendor
    2025-01-06T22:38:40.9033333+00:00

    Hi Jens

    Welcome to the Microsoft Q&A Platform! Thank you for asking your question here.

    In Smart Alerts, the webhook_payload you specify is saved under properties.actionGroups.customWebhookPayload, but this payload may not be included in the body of the webhook call when the alert is triggered.

    For metric or log alerts, the webhook_properties are sent in the alert payload under properties.actions.customProperties, enabling custom properties to be directly transmitted to your webhook.

    The Common Alert Schema allows for custom properties, but how these properties are used varies by alert type. For Smart Alerts, there are limits on what can be included in the webhook call, which can be confusing for users who expect it to work like metric or log alerts.

    For reference, please review this documentation:-
    https://zcusa.951200.xyz/en-us/azure/azure-monitor/alerts/alerts-common-schema?WT.mc_id=modinfra-67716-pierrer

    If you have any further queries, do let us know.

    If the answer is helpful, please click "Accept Answer" and "Upvote it".

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.