如何使用 Azure 警报格式化包含 Teams 消息的 Azure 逻辑应用 JSON 负载?
问题描述 投票:0回答:1
我一直在尝试配置 Azure 警报(特别是 VM 磁盘空间不足查询),以在每次使用 Azure 逻辑应用触发警报时向 Teams 通道发送消息。它做了它应该做的事情,但是我不知道如何格式化消息以使其看起来更整洁。
我目前得到的是这样的:
我希望它还包含驱动器和值(由同一查询触发的电子邮件警报会执行此操作)。我正在使用内置的 Logic App Teams 集成(在聊天或频道中发布消息)。目前只是配置为返回configurationItems值,遗憾的是,这是我想要实现的最接近的值,其他任何东西都会显示绝对混乱的JSON代码。
我尝试了不同的值和变量组合,但应用程序设计器允许我做的事情非常有限。我正在使用的查询是:
InsightsMetrics
| where Namespace == "LogicalDisk"
| where Name == "FreeSpacePercentage"
| extend Disk=tostring(todynamic(Tags)["vm.azm.ms/mountId"])
| summarize arg_max(TimeGenerated, *) by Disk, Computer
| project Computer, Disk, Val | where Val < 10
我想要“提取”的数据存储在 Computer、Disk 和 Val 维度中。 下面是逻辑应用程序的 JSON 输出负载,您可以看到我需要提取的所有数据都存储在上面存储的维度中。
{
"headers": {
"Expect": "100-continue",
"Host": "prod-29.uksouth.logic.azure.com",
"Max-Forwards": "10",
"User-Agent": "IcMBroadcaster/1.0",
"X-CorrelationContext": "RkkKACgAAAACAAAAEACyLD23wrGCS7pV2gtMjiR5AQAQAIpdK63VFIhCsQq3AI7HA4c=",
"X-ARR-LOG-ID": "32bea9c0-3db3-4cee-95c1-2b7f0d1e1f0f",
"CLIENT-IP": "52.184.145.166:31132",
"DISGUISED-HOST": "prod-29.uksouth.logic.azure.com",
"X-SITE-DEPLOYMENT-ID": "flowfe-prod-ln-rp00-app",
"WAS-DEFAULT-HOSTNAME": "flowfe-prod-ln-rp00-app.flow-prod-ln-rp00-ase.p.azurewebsites.net",
"X-Forwarded-Proto": "https",
"X-AppService-Proto": "https",
"X-ARR-SSL": "2048|256|CN=Microsoft Azure RSA TLS Issuing CA 03, O=Microsoft Corporation, C=US|CN=uksouth.logic.azure.com, O=Microsoft Corporation, L=Redmond, S=WA, C=US",
"X-Forwarded-TlsVersion": "1.2",
"X-Forwarded-For": "52.184.145.166:31132",
"X-Original-URL": "/workflows/ce0dd9c044ab4ebe8bb5d76381be9765/triggers/manual/paths/invoke?api-version=2016-06-01&sp=%2Ftriggers%2Fmanual%2Frun&sv=1.0&sig=SCgN-yEDezdc7OmH7v_IQwM3M4KUIjM8qNSciI7SMXo",
"X-WAWS-Unencoded-URL": "/workflows/ce0dd9c044ab4ebe8bb5d76381be9765/triggers/manual/paths/invoke?api-version=2016-06-01&sp=%2Ftriggers%2Fmanual%2Frun&sv=1.0&sig=SCgN-yEDezdc7OmH7v_IQwM3M4KUIjM8qNSciI7SMXo",
"Content-Length": "4731",
"Content-Type": "application/json; charset=utf-8"
},
"body": {
"schemaId": "azureMonitorCommonAlertSchema",
"data": {
"essentials": {
"alertId": "/subscriptions/69d11cc8-b7af-4c8c-bb54-9cf72cabbcba/providers/Microsoft.AlertsManagement/alerts/bbf927f7-de30-b602-1c83-1775e44f0017",
"alertRule": "VM_LowDiskSpace",
"severity": "Sev3",
"signalType": "Log",
"monitorCondition": "Fired",
"monitoringService": "Log Alerts V2",
"alertTargetIDs": [
"/subscriptions/69d11cc8-b7af-4c8c-bb54-9cf72cabbcba/resourcegroups/gds-uks-svr-mgmt-rg/providers/microsoft.operationalinsights/workspaces/gds-uks-svr-mgmt-law"
],
"configurationItems": [
"GDS-SCCM-VM01"
],
"originAlertId": "7eab1d19-63bd-4690-9cac-a1e9eb843efd",
"firedDateTime": "2024-03-03T10:49:56.8527969Z",
"description": "This will send and alert if any VM's disk space is less than 10%.",
"essentialsVersion": "1.0",
"alertContextVersion": "1.0"
},
"alertContext": {
"properties": {},
"conditionType": "LogQueryCriteria",
"condition": {
"windowSize": "P1D",
"allOf": [
{
"searchQuery": "InsightsMetrics\n| where Namespace == \"LogicalDisk\"\n| where Name == \"FreeSpacePercentage\"\n| extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"])\n| summarize arg_max(TimeGenerated, *) by Disk, Computer\n| project Computer, Disk, Val\n| where Val < 10\n",
"metricMeasureColumn": null,
"targetResourceTypes": "['Microsoft.OperationalInsights/workspaces']",
"operator": "GreaterThanOrEqual",
"threshold": "1",
"timeAggregation": "Count",
"dimensions": [
{
"name": "Computer",
"value": "GDS-SCCM-VM01"
},
{
"name": "Disk",
"value": "L:"
},
{
"name": "Val",
"value": "9.17095184326172"
}
],
"metricValue": 1,
"failingPeriods": {
"numberOfEvaluationPeriods": 1,
"minFailingPeriodsToAlert": 1
},
"linkToSearchResultsUI": "https://portal.azure.com#@6ebe178c-d0e7...
"linkToFilteredSearchResultsUI": "https://portal.azure.com#@6ebe178c..
"linkToSearchResultsAPI": "https://api.loganalytics.io/v1/workspa...
"linkToFilteredSearchResultsAPI": "https://api.loganalytics.io/v1...
"event": null
}
],
"windowStartTime": "2024-03-02T10:46:51Z",
"windowEndTime": "2024-03-03T10:46:51Z"
}
},
"customProperties": {}
}
}
}
下面是逻辑应用程序代码视图,我很确定我可以通过手动编辑“messageBody”部分来实现我的目标,但我不确定需要更改什么:
{
"definition": {
"$schema": "https://schema.management.azure.com/providers/Microsoft.Logic/schemas/2016-06-01/workflowdefinition.json#",
"actions": {
"Post_message_in_a_chat_or_channel": {
"inputs": {
"body": {
"messageBody": "<p>@{triggerBody()?['data']?['essentials']?['configurationItems']}</p>",
"recipient": {
"channelId": "19:[email protected]",
"groupId": "e0112486-b573-4377-b8a9-df4450dd4383"
}
},
"host": {
"connection": {
"name": "@parameters('$connections')['teams_2']['connectionId']"
}
},
"method": "post",
"path": "/beta/teams/conversation/message/poster/@{encodeURIComponent('User')}/location/@{encodeURIComponent('Channel')}"
},
"runAfter": {},
"type": "ApiConnection"
}
},
"contentVersion": "1.0.0.0",
"outputs": {},
"parameters": {
"$connections": {
"defaultValue": {},
"type": "Object"
}
},
"triggers": {
"manual": {
"inputs": {
"schema": {
"properties": {
"data": {
"properties": {
"alertContext": {
"properties": {
"condition": {
"properties": {
"allOf": {
"items": {
"properties": {
"dimensions": {
"items": {
"properties": {
"name": {
"type": "string"
},
"value": {
"type": "string"
}
},
"required": [
"name",
"value"
],
"type": "object"
},
"type": "array"
},
"metricName": {
"type": "string"
},
"metricNamespace": {
"type": "string"
},
"metricValue": {
"type": "number"
},
"operator": {
"type": "string"
},
"threshold": {
"type": "string"
},
"timeAggregation": {
"type": "string"
}
},
"required": [
"metricName",
"metricNamespace",
"operator",
"threshold",
"timeAggregation",
"dimensions",
"metricValue"
],
"type": "object"
},
"type": "array"
},
"windowSize": {
"type": "string"
}
},
"type": "object"
},
"conditionType": {
"type": "string"
},
"properties": {}
},
"type": "object"
},
"customProperties": {
"properties": {
"Key1": {
"type": "string"
},
"Key2": {
"type": "string"
}
},
"type": "object"
},
"essentials": {
"properties": {
"alertContextVersion": {
"type": "string"
},
"alertId": {
"type": "string"
},
"alertRule": {
"type": "string"
},
"alertTargetIDs": {
"items": {
"type": "string"
},
"type": "array"
},
"configurationItems": {
"items": {
"type": "string"
},
"type": "array"
},
"description": {
"type": "string"
},
"essentialsVersion": {
"type": "string"
},
"firedDateTime": {
"type": "string"
},
"monitorCondition": {
"type": "string"
},
"monitoringService": {
"type": "string"
},
"originAlertId": {
"type": "string"
},
"resolvedDateTime": {
"type": "string"
},
"severity": {
"type": "string"
},
"signalType": {
"type": "string"
}
},
"type": "object"
}
},
"type": "object"
},
"schemaId": {
"type": "string"
}
},
"type": "object"
}
},
"kind": "Http",
"type": "Request"
}
}
},
"parameters": {
"$connections": {
"value": {
"teams_2": {
"connectionId": "/subscriptions/69d11cc8-b7af-4c8c-bb54-9cf72cabbcba/resourceGroups/GDS-UKS-Prod-LogicApps-rg/providers/Microsoft.Web/connections/teams-1",
"connectionName": "teams-1",
"id": "/subscriptions/69d11cc8-b7af-4c8c-bb54-9cf72cabbcba/providers/Microsoft.Web/locations/uksouth/managedApis/teams"
}
}
}
}
}
我的问题是:如何修改此应用程序以向我们的团队频道发送一条漂亮而简洁的消息,并显示带有计算机名称、磁盘和值的警报?我正在考虑使用 IncomingWebhook 集成,但我不确定如何配置它。对此的任何帮助将不胜感激。
我尝试修改应用程序设计器中的值,但最终在消息中显示了一堆难以理解的代码。单击应用程序设计器中的 dimensions 值会自动放入 foreach 循环中,这有点有意义,因为有多个维度,但我不知道如何从有效负载中提取所需的值。我正在使用 Azure 常见警报架构。
1个回答
0
投票
投票
如何修改此应用程序以向我们的 Teams 频道发送一条简洁的消息,并显示带有计算机名称、磁盘和值的警报?我正在考虑使用 IncomingWebhook 集成,但我不确定如何配置它。对此的任何帮助将不胜感激。
首先创建一个传入的 webhook,如下所示:
Design
然后:
身体:
{"text":@{body('Create_HTML_table')}}
Output:
Parse Json schema:{
"type": "object",
"properties": {
"body": {
"type": "object",
"properties": {
"data": {
"type": "object",
"properties": {
"alertContext": {
"type": "object",
"properties": {
"condition": {
"type": "object",
"properties": {
"allOf": {
"type": "array",
"items": {
"type": "object",
"properties": {
"dimensions": {
"type": "array",
"items": {
"type": "object",
"properties": {
"name": {
"type": "string"
},
"value": {
"type": "string"
}
},
"required": [
"name",
"value"
]
}
},
"event": {},
"failingPeriods": {
"type": "object",
"properties": {
"minFailingPeriodsToAlert": {
"type": "integer"
},
"numberOfEvaluationPeriods": {
"type": "integer"
}
}
},
"linkToFilteredSearchResultsAPI": {
"type": "string"
},
"linkToFilteredSearchResultsUI": {
"type": "string"
},
"linkToSearchResultsAPI": {
"type": "string"
},
"linkToSearchResultsUI": {
"type": "string"
},
"metricMeasureColumn": {},
"metricValue": {
"type": "integer"
},
"operator": {
"type": "string"
},
"searchQuery": {
"type": "string"
},
"targetResourceTypes": {
"type": "string"
},
"threshold": {
"type": "string"
},
"timeAggregation": {
"type": "string"
}
},
"required": [
"dimensions",
"event",
"failingPeriods",
"linkToFilteredSearchResultsAPI",
"linkToFilteredSearchResultsUI",
"linkToSearchResultsAPI",
"linkToSearchResultsUI",
"metricMeasureColumn",
"metricValue",
"operator",
"searchQuery",
"targetResourceTypes",
"threshold",
"timeAggregation"
]
}
},
"windowEndTime": {
"type": "string"
},
"windowSize": {
"type": "string"
},
"windowStartTime": {
"type": "string"
}
}
},
"conditionType": {
"type": "string"
},
"properties": {
"type": "object",
"properties": {}
}
}
},
"customProperties": {
"type": "object",
"properties": {}
},
"essentials": {
"type": "object",
"properties": {
"alertContextVersion": {
"type": "string"
},
"alertId": {
"type": "string"
},
"alertRule": {
"type": "string"
},
"alertTargetIDs": {
"type": "array",
"items": {
"type": "string"
}
},
"configurationItems": {
"type": "array",
"items": {
"type": "string"
}
},
"description": {
"type": "string"
},
"essentialsVersion": {
"type": "string"
},
"firedDateTime": {
"type": "string"
},
"monitorCondition": {
"type": "string"
},
"monitoringService": {
"type": "string"
},
"originAlertId": {
"type": "string"
},
"severity": {
"type": "string"
},
"signalType": {
"type": "string"
}
}
}
}
},
"schemaId": {
"type": "string"
}
}
},
"headers": {
"type": "object",
"properties": {
"CLIENT-IP": {
"type": "string"
},
"Content-Length": {
"type": "string"
},
"Content-Type": {
"type": "string"
},
"DISGUISED-HOST": {
"type": "string"
},
"Expect": {
"type": "string"
},
"Host": {
"type": "string"
},
"Max-Forwards": {
"type": "string"
},
"User-Agent": {
"type": "string"
},
"WAS-DEFAULT-HOSTNAME": {
"type": "string"
},
"X-ARR-LOG-ID": {
"type": "string"
},
"X-ARR-SSL": {
"type": "string"
},
"X-AppService-Proto": {
"type": "string"
},
"X-CorrelationContext": {
"type": "string"
},
"X-Forwarded-For": {
"type": "string"
},
"X-Forwarded-Proto": {
"type": "string"
},
"X-Forwarded-TlsVersion": {
"type": "string"
},
"X-Original-URL": {
"type": "string"
},
"X-SITE-DEPLOYMENT-ID": {
"type": "string"
},
"X-WAWS-Unencoded-URL": {
"type": "string"
}
}
}
}
}
另请参阅SO-Thread。
最新问题
- 节点画布库:文本不可见且位于图像下方
- Backstage.io MUI 按钮覆盖
- 从购物车中删除产品后如何重新加载页面 - Woocommerce
- 如何在 Lua 对象上调用析构函数两次以捕获 double free?
- Plotly 热图对数据大小有限制
- Flutter 中 BottomAppBar 的异常行为
- 如何在python中的boostrap中使用Pearson相关性?
- Cordova Ionic 应用程序 - 推送通知不适用于 Android 12 和 Android 13 - cordova-android 11.0
- 您可以推迟对视图删除过渡中使用的变量的评估吗?
- 如何在javascript中沿Y轴旋转文本?
- powerBI / DAX — 根据另一表中的 IF 条件计算一个表中的 SUM 值
- 我们可以通过redux工具包中的切片的命名导出来导出reducer吗?
- backstage.io 以编程方式添加
- 本地主机和 Cloudflare R2 预签名 URL
- 如何获取 bash 来源的所有文件的列表?
- 操作复杂对象[已关闭]
- 如果我已经使用了 time.sleep,如何要求 Python 在 12 秒后执行另一个操作
- Neo4j 2.0.0RC1 启动服务失败 87
- 在装饰XMLHttpRequest的onreadystatechange方法的函数中获取URL
- 基于键数组列表上的对象数组将每个键转换为数组列表的新对象
© www.soinside.com 2019 - 2024. All rights reserved.