Azure Alerts Setup

Azure Alerts Setup

Monitoring is only useful when it’s actionable — and that’s where alerts come in. Azure Monitor Alerts help you proactively respond to performance degradation, security anomalies, or operational issues by notifying you when conditions are met. In this blog, we’ll walk you through how to set up alerts in Azure using both the portal and CLI, and explain best practices for reliability.

📌 What Are Azure Alerts?

Azure Alerts are rule-based notifications triggered when specific conditions are met within your monitored resources. These conditions could be related to metrics, logs, or activity signals. Alerts can trigger emails, SMS, push notifications, or even automate remediation using Azure Functions or Logic Apps.

🎯 Types of Azure Alerts

• Metric Alerts: Triggered when a metric (CPU usage, disk IO, etc.) crosses a threshold.
• Log Alerts: Based on queries run on Azure Monitor Logs using Kusto Query Language (KQL).
• Activity Log Alerts: Triggered by subscription-level events like resource creation or deletion.
• Service Health Alerts: Triggered by changes in Azure service status in your region.

🖥️ Setting Up an Alert from Azure Portal

Follow these steps to create a metric alert from the Azure Portal:

1. Navigate to your Azure resource (e.g., a Virtual Machine).
2. Under Monitoring, click on Alerts > + New alert rule.
3. Select the target metric, such as Percentage CPU.
4. Set a condition (e.g., CPU > 80% for 5 minutes).
5. Choose an existing action group or create a new one (email, webhook, etc.).
6. Define the alert rule name and severity level (0 = critical, 4 = informational).
7. Review and create the alert.

This will notify you anytime your CPU exceeds the defined limit, helping you take action before service degradation.

📟 Creating Azure Alerts Using Azure CLI

If you prefer automation or scripting, Azure CLI provides a simple way to create alerts:

# Create an Action Group
az monitor action-group create \
  --resource-group myResourceGroup \
  --name NotifyOps \
  --short-name opsNotify \
  --email-receivers name=AdminEmail email=admin@example.com

# Create the alert rule
az monitor metrics alert create \
  --name HighCPUAlert \
  --resource-group myResourceGroup \
  --scopes /subscriptions/<sub-id>/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/myVM \
  --condition "avg Percentage CPU > 80" \
  --description "Alert for CPU threshold breach" \
  --action NotifyOps

This will automatically generate a metric alert on a VM’s CPU usage and notify via email.

🔍 Creating Log-Based Alerts

Log alerts are created using Kusto Query Language (KQL). For example, if you want to detect failed login attempts, write a query like:

SigninLogs
| where ResultType == 50074
| summarize count() by bin(TimeGenerated, 5m)

Use this query when setting up a log alert in the portal or via az monitor scheduled-query commands. Log alerts are useful for advanced filtering and application-level errors.

⚙️ Configuring Action Groups

Action Groups define the how of alert response — who gets notified and how. An action group can include:

• Email notifications
• SMS alerts
• Webhook triggers
• Azure Functions or Logic Apps
• ITSM integration for ticketing systems

az monitor action-group update \
  --name NotifyOps \
  --add-action webhook1 webhook https://example.com/hook

This adds a webhook trigger to your existing action group.

📊 Monitoring and Managing Alerts

Once alerts are set up, you can monitor them from:

• Azure Portal: Monitor > Alerts section shows active and past alerts.
• Azure CLI: Use az monitor metrics alert list to view alerts programmatically.
• Azure Monitor Workbooks: Create custom visual dashboards for alert trends and performance.

🛡️ Best Practices

• Group related alerts by resource type or environment (e.g., prod/dev).
• Use severity levels to prioritize response (e.g., severity 0 for outages).
• Avoid alert fatigue by tuning thresholds and using dynamic metrics where available.
• Test alert actions periodically to ensure contacts and webhooks are working.

✅ Conclusion

Setting up alerts in Azure is a foundational step for operational excellence. By combining metric alerts for performance, log alerts for application issues, and action groups for response, you can stay ahead of problems before users are affected. Whether you use the portal or automate with CLI, Azure Alerts give you the tools to build a truly proactive cloud monitoring strategy.