You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/azure-monitor/alerts/alerts-log.md
+16-5Lines changed: 16 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -23,13 +23,24 @@ You can also [create log alert rules using Azure Resource Manager templates](../
23
23
> [This page](alerts-unified-log.md) explains all of the concepts behind each setting used when setting up a log alert rule.
24
24
## Create a log alert rule in the Azure portal
25
25
> [!NOTE]
26
-
> This article describes creating alert rules using the new alert rule wizard. Please note these changes in the new alert rule experience:
27
-
> - Search results are not included with the triggered alert and its associated notifications. The alert contains a link to the search results in Logs.
28
-
> - The new alert rule wizard does not include the option to customize the triggered alert's email or to include a custom JSON payload.
26
+
> This article describes creating alert rules using the new alert rule wizard.
27
+
> The new alert rule experience is a little different than the old experience. Please note these changes:
28
+
> - Previously, search results were included in the payloads of the triggered alert and its associated notifications. This was a limited and error prone solution. To get detailed context information about the alert so that you can decide on the appropriate action :
29
+
> - The recommended best practice it to use [Dimensions](alerts-unified-log.md#split-by-alert-dimensions). Dimensions provide the column value that fired the alert, giving you context for why the alert fired and how to fix the issue.
30
+
> - When you need to investigate in the logs, use the link in the alert to the search results in Logs.
31
+
> - If you need the raw search results or for any other advanced customizations, use Logic Apps.
32
+
> - The new alert rule wizard does not support customization of the JSON payload.
33
+
> - Use custom properties in the [new API](/rest/api/monitor/scheduledqueryrule-2021-08-01/scheduled-query-rules/create-or-update#actions) to add static parameters and associated values to the webhook actions triggered by the alert.
34
+
> - For more advanced customizations, use Logic Apps.
35
+
> - The new alert rule wizard does not support customization of the email subject.
36
+
> - Customers often use the custom email subject to indicate the resource on which the alert fired, instead of using the Log Analytics workspace. Use the [new API](alerts-unified-log.md#split-by-alert-dimensions) to trigger an alert of the desired resource using the resource id column.
37
+
> - For more advanced customizations, use Logic Apps.
38
+
29
39
30
40
1. In the [portal](https://portal.azure.com/), select the relevant resource.
31
-
1. In the Resource menu, under **Monitoring**, select **Alerts**.
32
-
1. From the top command bar, click **Create**, and then **Alert rule**.
41
+
1. In the Resource menu, under **Monitor**, select **Logs**.
42
+
1. Write a query that will find the log events for which you want to create an alert. You can use the [alert query examples topic](../logs/queries.md) to understand what you can discover or [get started on writing your own query](../logs/log-analytics-tutorial.md). Also, [learn how to create optimized alert queries](alerts-log-query.md).
43
+
1. From the top command bar, Select **+ New Alert rule**.
33
44
34
45
:::image type="content" source="media/alerts-log/alerts-create-new-alert-rule.png" alt-text="Create new alert rule.":::
0 commit comments