操作说明:配置警报并使用挂钩获取通知How-to: Configure alerts and get notifications using a hook

指标顾问检测到异常后,将使用挂钩根据警报设置触发警报通知。After an anomaly is detected by Metrics Advisor, an alert notification will be triggered based on alert settings, using a hook. 警报设置可用于多个检测配置,可以使用各种参数自定义警报规则。An alert setting can be used with multiple detection configurations, various parameters are available to customize your alert rule.

创建挂钩Create a hook

指标顾问支持三种不同类型的挂钩:电子邮件挂钩、Web 挂钩和 Azure DevOps。Metrics Advisor supports three different types of hooks: email hook, web hook and Azure DevOps. 可以选择适用于特定场景的挂钩。You can choose the one that works for your specific scenario.

电子邮件挂钩Email hook

备注

指标顾问资源管理员需要配置电子邮件设置,并在发送异常警报之前将 SMTP 相关信息输入指标顾问。Metrics Advisor resource administrators need to configure the Email settings, and input SMTP related information into Metrics Advisor before anomaly alerts can be sent. 资源组管理员或订阅管理员需要在指标顾问资源的“访问控制”选项卡中至少分配一个“认知服务指标顾问管理员”角色。The resource group admin or subscription admin needs to assign at least one Cognitive Services Metrics Advisor Administrator role in the Access control tab of the Metrics Advisor resource. 详细了解电子邮件设置配置Learn more about e-mail settings configuration.

若要创建电子邮件挂钩,可使用以下参数:To create an email hook, the following parameters are available:

电子邮件挂钩是将异常警报发送到“电子邮件收件人”部分中指定的电子邮件地址的通道。An email hook is the channel for anomaly alerts to be sent to email addresses specified in the Email to section. 系统将发送两种类型的警报电子邮件:“数据馈送不可用”警报和“事件报表”,其中包含一个或多个异常 。Two types of alert emails will be sent: Data feed not available alerts, and Incident reports which contain one or multiple anomalies.

参数Parameter 描述Description
名称Name 电子邮件挂钩的名称Name of the email hook
电子邮件收件人Email to 要向其发送警报的电子邮件地址Email addresses that would send alert to
外部链接External link 启用自定义重定向的可选字段,例如用于故障排除注释。Optional field which enables a customized redirect, such as for troubleshooting notes.
自定义异常警报标题Customized anomaly alert title 标题模板支持 ${severity}${alertSettingName}${datafeedName}${metricName}${detectConfigName}${timestamp}${topDimension}${incidentCount}${anomalyCount}Title template supports ${severity}, ${alertSettingName}, ${datafeedName}, ${metricName}, ${detectConfigName}, ${timestamp}, ${topDimension}, ${incidentCount}, ${anomalyCount}

单击“确定”后,将创建电子邮件挂钩。After you click OK, an email hook will be created. 可以在任何警报设置中使用它来接收异常警报。You can use it in any alert settings to receive anomaly alerts.

Web 挂钩Web hook

备注

  • 使用 POST 请求方法。Use the POST request method.
  • 请求正文将类似于:The request body wil be similar to:
    {"timestamp":"2019-09-11T00:00:00Z","alertSettingGuid":"49635104-1234-4c1c-b94a-744fc920a9eb"}
  • 创建或修改 Web 挂钩时,API 将作为具有空请求正文的测试被调用。When a web hook is created or modified, the API will be called as a test with an empty request body. API 需要返回 200 HTTP 代码。Your API needs to return a 200 HTTP code.

Web 挂钩是指标顾问服务中所有可用信息的入口点,并在触发警报时调用用户提供的 API。A web hook is the entry point for all the information available from the Metrics Advisor service, and calls a user-provided api when an alert is triggered. 所有警报都可以通过 Web 挂钩发送。All alerts can be sent through a web hook.

若要创建 Web 挂钩,需要添加以下信息:To create a web hook, you will need to add the following information:

参数Parameter 说明Description
端点Endpoint 触发警报时要调用的 API 地址。The API address to be called when an alert is triggered.
用户名/密码Username / Password 用于对 API 地址进行身份验证。For authenticating to the API address. 如果不需要身份验证,则将其保留为黑色。Leave this black if authentication isn't needed.
标头Header API 调用中的自定义标头。Custom headers in the API call.

Web 挂钩创建窗口。

通过 Web 挂钩推送通知时,可以使用以下 API 获取警报的详细信息。When a notification is pushed through a web hook, you can use the following APIs to get details of the alert. 在 API 服务中设置要推送到的“时间戳”和“alertSettingGuid”,然后使用以下查询 :Set the timestamp and alertSettingGuid in your API service, which is being pushed to, then use the following queries:

  • query_alert_result_anomalies
  • query_alert_result_incidents

Azure DevOpsAzure DevOps

指标顾问还支持在 Azure DevOps 中自动创建工作项,以在检测到任何异常时跟踪问题/bug。Metrics Advisor also supports automatically creating a work item in Azure DevOps to track issues/bugs when any anomaly detected. 所有警报都可以通过 Azure DevOps 挂钩发送。All alerts can be sent through Azure DevOps hooks.

若要创建 Azure DevOps 挂钩,需要添加以下信息To create an Azure DevOps hook, you will need to add the following information

参数Parameter 描述Description
名称Name 挂钩的名称A name for the hook
组织Organization DevOps 所属的组织The organization that your DevOps belongs to
ProjectProject DevOps 中的特定项目。The specific project in DevOps.
访问令牌Access Token 用于对 DevOps 进行身份验证的令牌。A token for authenticating to DevOps.

备注

如果希望指标顾问基于异常警报创建工作项,则需要授予写入权限。You need to grant write permissions if you want Metrics Advisor to create work items based on anomaly alerts. 创建挂钩后,可以在任何警报设置中使用它们。After creating hooks, you can use them in any of your alert settings. 在“挂钩设置”页中管理挂钩。Manage your hooks in the hook settings page.

添加或编辑警报设置Add or edit alert settings

转到指标详细信息页,在指标详细信息页的左下角找到“警报设置”部分。Go to metrics detail page to find the Alert settings section, in the bottom left corner of metrics detail page. 它列出了应用于所选检测配置的所有警报设置。It lists all alert settings that apply to the selected detection configuration. 创建新的检测配置时,没有警报设置,并且不会发送任何警报。When a new detection configuration is created, there's no alert setting, and no alerts will be sent.
可以使用“添加”、“编辑”和“删除”图标来修改警报设置 。You can use the add, edit and delete icons to modify alert settings.

“警报设置”菜单项。

单击“添加”或“编辑”按钮,获取用于添加或编辑警报设置的窗口 。Click the add or edit buttons to get a window to add or edit your alert settings.

添加或编辑警报设置

警报设置名称:此警报设置的名称。Alert setting name: The name of this alert setting. 它将显示在警报电子邮件标题中。It will be displayed in the alert email title.

挂钩:要向其发送警报的挂钩列表。Hooks: The list of hooks to send alerts to.

上面屏幕截图中标记的部分是一个检测配置的设置。The section marked in the screenshot above are the settings for one detecting configuration. 可以为不同的检测配置设置不同的警报设置。You can set different alert settings for different detection configurations. 使用此窗口中的第三个下拉列表选择目标配置。Choose the target configuration using the third drop-down list in this window.

筛选器设置Filter settings

以下是一个检测配置的筛选器设置。The following are filter settings for one detection configuration.

“警报项”有 4 个用于筛选异常的选项:Alert For has 4 options for filtering anomalies:

  • 所有序列中的异常:警报中将包括所有异常。Anomalies in all series: All anomalies will be included in the alert.
  • 序列组中的异常:按维度值筛选序列。Anomalies in the series group: Filter series by dimension values. 为某些维度设置特定值。Set specific values for some dimensions. 只有当序列与指定值匹配时,警报中才包含异常。Anomalies will only be included in the alert when the series matches the specified value.
  • 偏好序列中的异常:警报中仅包含标记为偏好的序列。Anomalies in favorite series: Only the series marked as favorite will be included in the alert. |
  • 所有序列的前 N 个异常:此筛选器用于仅考虑其值位于前 N 的序列的情况。我们将回顾一些时间戳,并查看这些时间戳处的序列值是否处于前 N。如果“在前 n”计数大于指定数字,则异常将包含在警报中。Anomalies in top N of all series: This filter is for the case that you only care about the series whose value is in the top N. We will look back some timestamps, and check if value of the series at these timestamp are in top N. If the "in top n" count is larger than the specified number, the anomaly will be included in an alert. |

筛选器异常选项是包含以下选项的附加筛选器:Filter anomaly options is an additional filter with the following options:

  • 严重性:只有当异常严重性在指定范围内时,才包括异常。severity : The anomaly will only be included when the anomaly severity is within the specified range.
  • 推迟:触发警报时,在接下来的 N 个点(期间)中暂时停止对于异常的警报。Snooze : Stop alerts temporarily for anomalies in the next N points (period), when triggered in an alert.
    • 推迟类型:如果设置为“序列”,则触发的异常将只推迟其序列。snooze type : When set to Series, a triggered anomaly will only snooze its series. 对于“指标”,一个触发的异常将推迟此指标中的所有序列。For Metric, one triggered anomaly will snooze all the series in this metric.
    • 推迟数量:要推迟的点(期间)的数量。snooze number : the number of points (period) to snooze.
    • 非连续的重置:选择此选项后,触发的异常只会推迟接下来的 n 个连续异常。reset for non-successive : When selected, a triggered anomaly will only snooze the next n successive anomalies. 如果以下数据点之一不是异常,则从该点重置推迟;如果不选择此选项,触发的异常将推迟接下来的 n 个点(周期),即使连续的数据点不是异常。If one of the following data points isn't an anomaly, the snooze will be reset from that point; When unselected, one triggered anomaly will snooze next n points (period), even if successive data points aren't anomalies.
  • 值(可选):按值筛选。value (optional) : Filter by value. 只有满足条件的点值,将包含异常。Only point values that meet the condition, anomaly will be included. 如果使用另一个指标的相应值,则两个指标的维度名称应一致。If you use the corresponding value of another metric, the dimension names of the two metrics should be consistent.

未筛选掉的异常将在警报中发送。Anomalies not filtered out will be sent in an alert.

添加交叉指标设置Add cross-metric settings

单击警报设置页中的“+ 添加交叉指标设置”以添加其他部分。Click + Add cross-metric settings in the alert settings page to add another section.

“运算符”选择器是每个部分的逻辑关系,用于确定它们是否发送警报。The Operator selector is the logical relationship of each section, to determine if they send an alert.

操作员Operator 说明Description
ANDAND 仅当序列与每个警报部分匹配且所有数据点是异常时发送警报。Only send an alert if a series matches each alert section, and all data points are anomalies. 如果指标具有不同的维度名称,则永远不会触发警报。If the metrics have different dimension names, an alert will never be triggered.
OROR 如果至少有一个部分包含异常,则发送警报。Send the alert if at least one section contains anomalies.

多个警报设置部分的运算符

后续步骤Next steps