Azure Monitor start capturing metrics and logs for many resources as soon as they are created. In this article, we will see how to configure alert rules to send the mail.
Prerequisites
To complete the example in this tutorial, you must have an existing virtual machine connected to the Log Analytics workspace.
Below are the blog posts which you can use to perform all the steps to achieve this:
What are Alerts ?
Alerts can be created by using Alert rules in Azure Monitor. They can run the saved queries at regular intervals.
The alerts can be created based on specific performance metric, or when some events are created, or because of absence of events in certain time duration, or because of number of events created in certain time duration.
For example, we can create alert when the CPU usage exceeds 75% or we can also create alert if the free space on disk is less than 20%.
In this article, we will try to create an alert which sends email when CPU usage exceeds 1% as we can easily trigger this situation from VM. Please note that we are going to create this alert rule on Log Analytics workspace in this demo.
Create Alert in Log Analytics
Login to Azure Portal and search Log Analytics Workspace in the search box provided in top navigation. Then select Alerts from left navigation and then click on New alert rule.
The new page has 4 sections:
Scope
Select appropriate subscription and log analytics workspace. This is by default selected when the page is opened, but you should check it to make sure that all inputs are correct.
Conditions
Click on Select condition which will open a new panel on right hand side. On the right hand side panel, select the metrics that we want to create alert for. We want to send mail notification when used memory exceeds 75%.
So, select % Processor Time from the list.
On next screen, you can configure how comparison operator (e.g. equals, less than, greater than etc.), aggregation type (average, min, max, etc) and Threshold value for alert to trigger.
After entering details as shown above, click on Done to configure alert logic.
Action Groups
Next, click on Select action group link on the page. This action would open the page on right side. On this new panel, you can either create new action group or you can select existing one.
Select existing Application Insights Smart Detection, which will trigger mail notification to contributor and monitor roles. Then click on Select button.
Details
In this section, you can specify the name of alert, description and its severity. Make sure the checkbox to enable the rule upon creation is enabled.
After entering all these details, click on Create alert rule. The rule creation and activate may take few minutes.
Verifying that alert works
Login to the virtual machine and try to do some work. I logged into my linux virtual machine. I ran curl command and tried to hit YouTube home page multiple times and that increased CPU usage beyond 2 percent.
Then if you navigate to log analytics workspace and select Alert from left side navigation, you should be able to see the alerts generated as shown in below snapshot.
We have seen that how easy it is to configure alerts. If multiple virtual machines are sending insights to same log analytics workspace, the alert rule can be one single place where all monitoring can be done.
I hope you enjoyed this article. Let me know your thoughts.
