How to integrate the common alert schema with Logic Apps

This article shows you how to create a logic app that leverages the common alert schema to handle all your alerts.

Overview

The common alert schema provides a standardized and extensible JSON schema across all your different alert types. It is most useful when leveraged programmatically, through webhooks, runbooks, and logic apps. In this article, we demonstrate how a single logic app can be authored to handle all your alerts. The same principles can be applied to other programmatic methods. The logic app described in this article creates well-defined variables for the 'essential' fields, and also describes how you can handle alert type specific logic.

Prerequisites

This article assumes that the reader is familiar with

Create a logic app leveraging the common alert schema

  1. Create your logic app.

  2. Select the trigger: When a HTTP request is received.

  3. Select Edit to change the HTTP request trigger.

  4. Copy and paste the following schema:

        {
            "type": "object",
            "properties": {
                "schemaId": {
                    "type": "string"
                },
                "data": {
                    "type": "object",
                    "properties": {
                        "essentials": {
                            "type": "object",
                            "properties": {
                                "alertId": {
                                    "type": "string"
                                },
                                "alertRule": {
                                    "type": "string"
                                },
                                "severity": {
                                    "type": "string"
                                },
                                "signalType": {
                                    "type": "string"
                                },
                                "monitorCondition": {
                                    "type": "string"
                                },
                                "monitoringService": {
                                    "type": "string"
                                },
                                "alertTargetIDs": {
                                    "type": "array",
                                    "items": {
                                        "type": "string"
                                    }
                                },
                                "originAlertId": {
                                    "type": "string"
                                },
                                "firedDateTime": {
                                    "type": "string"
                                },
                                "resolvedDateTime": {
                                    "type": "string"
                                },
                                "description": {
                                    "type": "string"
                                },
                                "essentialsVersion": {
                                    "type": "string"
                                },
                                "alertContextVersion": {
                                    "type": "string"
                                }
                            }
                        },
                        "alertContext": {
                            "type": "object",
                            "properties": {}
                        }
                    }
                }
            }
        }
    
  5. Select + New step and then choose Add an action.

  6. At this stage, you can add a variety of connectors (Microsoft Teams, Slack, Salesforce, etc.) based on your specific business requirements. You can use the 'essential fields' out-of-the-box.

    Alternatively, you can author conditional logic based on the alert type using the 'Expression' option.

    The 'monitoringService' field uniquely identifies the alert type, and you can build the conditional logic on it.

    For example, the following snippet checks whether the alert is an Application Insights based log alert and, if so, prints the search results. Otherwise, it prints 'NA'.

      if(equals(triggerBody()?['data']?['essentials']?['monitoringService'],'Application Insights'),triggerBody()?['data']?['alertContext']?['SearchResults'],'NA')
    

    Learn more about writing logic app expressions.
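
The same parsing and branching outside Logic Apps, as an added Python example that is not part of the original article: it type-checks a request body against the schema from step 4 before any field is used, then reproduces the expression above. The function names and the sample payloads are constructed for illustration.

```python
import json

# Types copied from the "essentials" object in the schema pasted in step 4.
ESSENTIALS_TYPES = {
    "alertId": str, "alertRule": str, "severity": str, "signalType": str,
    "monitorCondition": str, "monitoringService": str, "alertTargetIDs": list,
    "originAlertId": str, "firedDateTime": str, "resolvedDateTime": str,
    "description": str, "essentialsVersion": str, "alertContextVersion": str,
}

def parse_alert(raw_body):
    """Type-check a request body against the schema; return (essentials, alertContext).
    The schema lists no required fields, so absent fields are accepted."""
    try:
        body = json.loads(raw_body)
    except json.JSONDecodeError as exc:
        raise ValueError("body is not valid JSON") from exc
    if not isinstance(body, dict) or not isinstance(body.get("schemaId", ""), str):
        raise ValueError("body must be an object with a string schemaId")
    data = body.get("data", {})
    essentials = data.get("essentials", {}) if isinstance(data, dict) else None
    context = data.get("alertContext", {}) if isinstance(data, dict) else None
    if not isinstance(essentials, dict) or not isinstance(context, dict):
        raise ValueError("data, essentials and alertContext must be objects")
    for name, expected in ESSENTIALS_TYPES.items():
        if name in essentials and not isinstance(essentials[name], expected):
            raise ValueError(f"essentials.{name} has the wrong type")
    if not all(isinstance(t, str) for t in essentials.get("alertTargetIDs", [])):
        raise ValueError("alertTargetIDs must contain only strings")
    return essentials, context

def search_results_or_na(raw_body):
    """Same branch as the expression above: SearchResults for Application
    Insights alerts (None if the key is absent), otherwise 'NA'."""
    essentials, context = parse_alert(raw_body)
    if essentials.get("monitoringService") == "Application Insights":
        return context.get("SearchResults")
    return "NA"

# Constructed sample payloads (not captured from a real alert).
SAMPLE_LOG_ALERT = json.dumps({"schemaId": "constructed-sample", "data": {
    "essentials": {"monitoringService": "Application Insights", "severity": "Sev3",
                   "alertTargetIDs": ["/constructed/resource/id"]},
    "alertContext": {"SearchResults": {"tables": []}}}})
SAMPLE_OTHER_ALERT = json.dumps({"schemaId": "constructed-sample", "data": {
    "essentials": {"monitoringService": "Constructed Service"},
    "alertContext": {}}})
SAMPLE_BAD_TYPE = json.dumps({"data": {"essentials": {"severity": 3}}})
```
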

Next steps