You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/monitoring-and-diagnostics/monitor-alerts-unified-log-webhook.md
+5-4Lines changed: 5 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -45,11 +45,11 @@ Webhooks include a URL and a payload formatted in JSON that is the data sent to
45
45
| Severity |#severity |Severity set for the fired log alert. |
46
46
| AlertThresholdOperator |#thresholdoperator |Threshold operator for the alert rule. *Greater than* or *Less than*. |
47
47
| AlertThresholdValue |#thresholdvalue |Threshold value for the alert rule. |
48
-
| LinkToSearchResults |#linktosearchresults |Link to Log Analytics log search that returns the records from the query that created the alert. |
48
+
| LinkToSearchResults |#linktosearchresults |Link to Analytics portal that returns the records from the query that created the alert. |
49
49
| ResultCount |#searchresultcount |Number of records in the search results. |
50
-
| Search Interval End time |#searchintervalendtimeutc |End time for the query in UTC format. |
51
-
| Search Interval |#searchinterval |Time window for the alert rule. |
52
-
| Search Interval StartTime |#searchintervalstarttimeutc |Start time for the query in UTC format.
50
+
| Search Interval End time |#searchintervalendtimeutc |End time for the query in UTC, format - mm/dd/yyyy HH:mm:ss AM/PM. |
51
+
| Search Interval |#searchinterval |Time window for the alert rule, format - HH:mm:ss. |
52
+
| Search Interval StartTime |#searchintervalstarttimeutc |Start time for the query in UTC, format - mm/dd/yyyy HH:mm:ss AM/PM..
53
53
| SearchQuery |#searchquery |Log search query used by the alert rule. |
54
54
| SearchResults |"IncludeSearchResults": true|Records returned by the query as a JSON Table, limited to the first 1,000 records; if "IncludeSearchResults": true is added in custom JSON webhook definition as a top-level property. |
55
55
| WorkspaceID |#workspaceid |ID of your Log Analytics workspace. |
@@ -72,6 +72,7 @@ This example payload would resolve to something like the following when sent to
72
72
"text":"My Alert Rule fired with 18 records over threshold of 10 ."
73
73
}
74
74
```
75
+
As all variables in a custom webhook have to specified within JSON enclosure like "#searchinterval", the resultant webhook will also have variable data inside enclosure like "00:05:00".
75
76
76
77
To include search results in a custom payload, ensure that **IncudeSearchResults** is set as a top-level property in the json payload.
0 commit comments