Merge pull request #235290 from paulth1/alerts-articles-batch-9

ShawnJackson · web-flow · commit cd97f3428bc1 · 2023-04-24T16:19:29.000-05:00
[AQ] edit pass: alerts-articles-batch-9
diff --git a/articles/azure-monitor/alerts/alerts-log-webhook.md b/articles/azure-monitor/alerts/alerts-log-webhook.md
@@ -1,6 +1,6 @@
 ---
 title: Webhook actions for log alerts in Azure alerts
-description: Describes how to configure a log alert pushes with webhook action and available customizations
+description: This article describes how to configure log alert pushes with webhook action and available customizations.
 services: monitoring
 ms.topic: conceptual
 ms.date: 2/23/2022
@@ -9,10 +9,13 @@ ms.reviewer: yalavi
 
 # Webhook actions for log alert rules
 
-[Log alert](alerts-log.md) supports [configuring webhook action groups](./action-groups.md#webhook). In this article, we'll describe what properties are available. Webhook actions allow you to invoke a single HTTP POST request. The service that's called should support webhooks and know how to use the payload it receives.
+[Log alerts](alerts-log.md) support [configuring webhook action groups](./action-groups.md#webhook). In this article, we describe the properties that are available. You can use webhook actions to invoke a single HTTP POST request. The service that's called should support webhooks and know how to use the payload it receives.
 
-> [!NOTE]
-> It is recommended you use [common alert schema](../alerts/alerts-common-schema.md) for your webhook integrations. The common alert schema provides the advantage of having a single extensible and unified alert payload across all the alert services in Azure Monitor. For log alerts rules that have a custom JSON payload defined, enabling the common alert schema reverts the payload schema to the one described [here](../alerts/alerts-common-schema.md#alert-context-fields-for-log-alerts). This means that if you want to have a custom JSON payload defined, the webhook can't use the common alert schema. Alerts with the common schema enabled have an upper size limit of 256 KB per alert, bigger alert will not include search results. When the search results aren't included, you should use the `LinkToFilteredSearchResultsAPI` or `LinkToSearchResultsAPI` to access query results via the Log Analytics API.
+We recommend that you use [common alert schema](../alerts/alerts-common-schema.md) for your webhook integrations. The common alert schema provides the advantage of having a single extensible and unified alert payload across all the alert services in Azure Monitor.
+
+For log alert rules that have a custom JSON payload defined, enabling the common alert schema reverts the payload schema to the one described in [Common alert schema](../alerts/alerts-common-schema.md#alert-context-fields-for-log-alerts). If you want to have a custom JSON payload defined, the webhook can't use the common alert schema.
+
+Alerts with the common schema enabled have an upper size limit of 256 KB per alert. A bigger alert doesn't include search results. When the search results aren't included, use `LinkToFilteredSearchResultsAPI` or `LinkToSearchResultsAPI` to access query results via the Log Analytics API.
 
 ## Sample payloads
 This section shows sample payloads for webhooks for log alerts. The sample payloads include examples when the payload is standard and when it's custom.
@@ -86,7 +89,7 @@ The following sample payload is for a standard webhook when it's used for log al
 The following sample payload is for a standard webhook action that's used for alerts based on Log Analytics:
 
 > [!NOTE]
-> The "Severity" field value changes if you've [switched to the current scheduledQueryRules API](/previous-versions/azure/azure-monitor/alerts/alerts-log-api-switch) from the [legacy Log Analytics Alert API](./api-alerts.md).
+> The `"Severity"` field value changes if you've [switched to the current scheduledQueryRules API](/previous-versions/azure/azure-monitor/alerts/alerts-log-api-switch) from the [legacy Log Analytics Alert API](./api-alerts.md).
 
 ```json
 {
@@ -222,56 +225,59 @@ The following sample payload is for a standard webhook when it's used for log al
 ### Log alert with a custom JSON payload (up to API version `2018-04-16`)
 
 > [!NOTE]
-> Custom JSON-based webhook is not supported from API version `2021-08-01`.
+> A custom JSON-based webhook isn't supported from API version `2021-08-01`.
 
-Default webhook action properties and their custom JSON parameter names:
+The following table lists default webhook action properties and their custom JSON parameter names.
 
 | Parameter | Variable | Description |
 |:--- |:--- |:--- |
-| *AlertRuleName* |#alertrulename |Name of the alert rule. |
-| *Severity* |#severity |Severity set for the fired log alert. |
-| *AlertThresholdOperator* |#thresholdoperator |Threshold operator for the alert rule. |
-| *AlertThresholdValue* |#thresholdvalue |Threshold value for the alert rule. |
-| *LinkToSearchResults* |#linktosearchresults |Link to the Analytics portal that returns the records from the query that created the alert. |
-| *LinkToSearchResultsAPI* |#linktosearchresultsapi |Link to the Analytics API that returns the records from the query that created the alert. |
-| *LinkToFilteredSearchResultsUI* |#linktofilteredsearchresultsui |Link to the Analytics portal that returns the records from the query filtered by dimensions value combinations that created the alert. |
-| *LinkToFilteredSearchResultsAPI* |#linktofilteredsearchresultsapi |Link to the Analytics API that returns the records from the query filtered by dimensions value combinations that created the alert. |
-| *ResultCount* |#searchresultcount |Number of records in the search results. |
-| *Search Interval End time* |#searchintervalendtimeutc |End time for the query in UTC, with the format mm/dd/yyyy HH:mm:ss AM/PM. |
-| *Search Interval* |#searchinterval |Time window for the alert rule, with the format HH:mm:ss. |
-| *Search Interval StartTime* |#searchintervalstarttimeutc |Start time for the query in UTC, with the format mm/dd/yyyy HH:mm:ss AM/PM. 
-| *SearchQuery* |#searchquery |Log search query used by the alert rule. |
-| *SearchResults* |"IncludeSearchResults": true|Records returned by the query as a JSON table, limited to the first 1,000 records. "IncludeSearchResults": true is added in a custom JSON webhook definition as a top-level property. |
-| *Dimensions* |"IncludeDimensions": true|Dimensions value combinations that triggered that alert as a JSON section. "IncludeDimensions": true is added in a custom JSON webhook definition as a top-level property. |
-| *Alert Type*| #alerttype | The type of log alert rule configured as [Metric measurement or Number of results](./alerts-unified-log.md#measure).|
-| *WorkspaceID* |#workspaceid |ID of your Log Analytics workspace. |
-| *Application ID* |#applicationid |ID of your Application Insights app. |
-| *Subscription ID* |#subscriptionid |ID of your Azure subscription used. | 
+| `AlertRuleName` |#alertrulename |Name of the alert rule. |
+| `Severity` |#severity |Severity set for the fired log alert. |
+| `AlertThresholdOperator` |#thresholdoperator |Threshold operator for the alert rule. |
+| `AlertThresholdValue` |#thresholdvalue |Threshold value for the alert rule. |
+| `LinkToSearchResults` |#linktosearchresults |Link to the Analytics portal that returns the records from the query that created the alert. |
+| `LinkToSearchResultsAPI` |#linktosearchresultsapi |Link to the Analytics API that returns the records from the query that created the alert. |
+| `LinkToFilteredSearchResultsUI` |#linktofilteredsearchresultsui |Link to the Analytics portal that returns the records from the query filtered by dimensions value combinations that created the alert. |
+| `LinkToFilteredSearchResultsAPI` |#linktofilteredsearchresultsapi |Link to the Analytics API that returns the records from the query filtered by dimensions value combinations that created the alert. |
+| `ResultCount` |#searchresultcount |Number of records in the search results. |
+| `Search Interval End time` |#searchintervalendtimeutc |End time for the query in UTC, with the format mm/dd/yyyy HH:mm:ss AM/PM. |
+| `Search Interval` |#searchinterval |Time window for the alert rule, with the format HH:mm:ss. |
+| `Search Interval StartTime` |#searchintervalstarttimeutc |Start time for the query in UTC, with the format mm/dd/yyyy HH:mm:ss AM/PM. 
+| `SearchQuery` |#searchquery |Log search query used by the alert rule. |
+| `SearchResults` |"IncludeSearchResults": true|Records returned by the query as a JSON table, limited to the first 1,000 records. "IncludeSearchResults": true is added in a custom JSON webhook definition as a top-level property. |
+| `Dimensions` |"IncludeDimensions": true|Dimensions value combinations that triggered that alert as a JSON section. "IncludeDimensions": true is added in a custom JSON webhook definition as a top-level property. |
+| `Alert Type`| #alerttype | The type of log alert rule configured as [Metric measurement or Number of results](./alerts-unified-log.md#measure).|
+| `WorkspaceID` |#workspaceid |ID of your Log Analytics workspace. |
+| `Application ID` |#applicationid |ID of your Application Insights app. |
+| `Subscription ID` |#subscriptionid |ID of your Azure subscription used. |
 
-You can use the **Include custom JSON payload for webhook** to get a custom JSON payload using the parameters. You can also generate additional properties.
-For example, you might specify the following custom payload that includes a single parameter called *text*. The service that this webhook calls expects this parameter:
+You can use **Include custom JSON payload for webhook** to get a custom JSON payload by using the parameters. You can also generate more properties.
+
+For example, you might specify the following custom payload that includes a single parameter called `text`. The service that this webhook calls expects this parameter:
 
 ```json
 
     {
         "text":"#alertrulename fired with #searchresultcount over threshold of #thresholdvalue."
     }
 ```
-This example payload resolves to something like the following when it's sent to the webhook:
+
+This example payload resolves to something like the following example when it's sent to the webhook:
 
 ```json
     {
         "text":"My Alert Rule fired with 18 records over threshold of 10 ."
     }
 ```
-Variables in a custom webhook must be specified within a JSON enclosure. For example, referencing "#searchresultcount" in the webhook example will output based on the alert results.
 
-To include search results, add **IncludeSearchResults** as a top-level property in the custom JSON. Search results are included as a JSON structure, so results can't be referenced in custom defined fields. 
+Variables in a custom webhook must be specified within a JSON enclosure. For example, referencing `#searchresultcount` in the webhook example generates output based on the alert results.
+
+To include search results, add **IncludeSearchResults** as a top-level property in the custom JSON. Search results are included as a JSON structure, so results can't be referenced in custom-defined fields.
 
 > [!NOTE]
-> The **View Webhook** button next to the **Include custom JSON payload for webhook** option displays preview of what was provided. It doesn't contain actual data, but is representative of the JSON schema that will be used.
+> The **View Webhook** button next to the **Include custom JSON payload for webhook** option displays a preview of what was provided. It doesn't contain actual data but is representative of the JSON schema that will be used.
 
-For example, to create a custom payload that includes just the alert name and the search results, use this configuration: 
+For example, to create a custom payload that includes only the alert name and the search results, use this configuration:
 
 ```json
     {
diff --git a/articles/azure-monitor/alerts/proactive-diagnostics.md b/articles/azure-monitor/alerts/proactive-diagnostics.md
@@ -1,6 +1,6 @@
 ---
-title: Smart detection in Azure Application Insights | Microsoft Docs
-description: Application Insights performs automatic deep analysis of your app telemetry and warns you of potential problems.
+title: Smart detection in Application Insights | Microsoft Docs
+description: Application Insights performs automatic deep analysis of your app telemetry and warns you about potential problems.
 ms.topic: conceptual
 ms.date: 02/07/2019
 ms.reviewer: yagil
@@ -9,55 +9,54 @@ ms.reviewer: yagil
 # Smart detection in Application Insights
 
 >[!NOTE]
->You can migrate smart detection on your Application Insights resource to be based on alerts. The migration creates alert rules for the different smart detection modules. Once created, you can manage and configure these rules just like any other Azure Monitor alert rules. You can also configure action groups for these rules, thus enabling multiple methods of taking actions or triggering notification on new detections.
+>You can migrate smart detection on your Application Insights resource to be based on alerts. The migration creates alert rules for the different smart detection modules. After it's created, you can manage and configure these rules like any other Azure Monitor alert rules. You can also configure action groups for these rules to enable multiple methods of taking actions or triggering notification on new detections.
 >
-> For more information, see [Smart Detection Alerts migration](./alerts-smart-detections-migration.md).
+> For more information, see [Smart detection alerts migration](./alerts-smart-detections-migration.md).
 
-Smart detection automatically warns you of potential performance problems and failure anomalies in your web application. It performs proactive analysis of the telemetry that your app sends to [Application Insights](../app/app-insights-overview.md). If there is a sudden rise in failure rates, or abnormal patterns in client or server performance, you get an alert. This feature needs no configuration. It operates if your application sends enough telemetry.
+Smart detection automatically warns you of potential performance problems and failure anomalies in your web application. It performs proactive analysis of the telemetry that your app sends to [Application Insights](../app/app-insights-overview.md). If there's a sudden rise in failure rates or abnormal patterns in client or server performance, you get an alert. This feature needs no configuration. It operates if your application sends enough telemetry.
 
-You can access the detections issued by smart detection both from the emails you receive, and from the smart detection pane.
+You can access the detections issued by smart detection from the emails you receive and from the smart detection pane.
 
 ## Review your smart detections
 You can discover detections in two ways:
 
 * **You receive an email** from Application Insights. Here's a typical example:
   
-    ![Email alert](./media/proactive-diagnostics/03.png)
+    ![Screenshot that shows an email alert.](./media/proactive-diagnostics/03.png)
   
-    Click the large button to open more detail in the portal.
-* **The smart detection pane** in Application Insights. Select **Smart detection** under the **Investigate** menu to see a list of recent detections.
+    Select **See the analysis of this issue** to see more information in the portal.
+* **The smart detection pane** in Application Insights. Under the **Investigate** menu, select **Smart Detection** to see a list of recent detections.
 
-![View recent detections](./media/proactive-diagnostics/04.png)
+   ![Screenshot that shows recent detections.](./media/proactive-diagnostics/04.png)
 
 Select a detection to view its details.
 
 ## What problems are detected?
 
-Smart detection detects and notifies about various issues, such as:
+Smart detection detects and notifies you about various issues:
 
-* [Smart detection - Failure Anomalies](./proactive-failure-diagnostics.md). We use machine learning to set the expected rate of failed requests for your app, correlating with load, and other factors. Notifies if the failure rate goes outside the expected envelope.
-* [Smart detection - Performance Anomalies](./smart-detection-performance.md). Notifies if response time of an operation or dependency duration is slowing down, compared to historical baseline. It also notifies if we identify an anomalous pattern in response time, or page load time.   
-* General degradations and issues, like [Trace degradation](./proactive-trace-severity.md), [Memory leak](./proactive-potential-memory-leak.md), [Abnormal rise in Exception volume](./proactive-exception-volume.md) and [Security anti-patterns](./proactive-application-security-detection-pack.md).
+* [Smart detection - Failure Anomalies](./proactive-failure-diagnostics.md): Notifies if the failure rate goes outside the expected envelope. We use machine learning to set the expected rate of failed requests for your app, correlating with load and other factors.
+* [Smart detection - Performance Anomalies](./smart-detection-performance.md): Notifies if response time of an operation or dependency duration is slowing down compared to the historical baseline. It also notifies if we identify an anomalous pattern in response time or page load time.
+* **General degradations and issues**: [Trace degradation](./proactive-trace-severity.md), [Memory leak](./proactive-potential-memory-leak.md), [Abnormal rise in Exception volume](./proactive-exception-volume.md), and [Security anti-patterns](./proactive-application-security-detection-pack.md).
 
-(The help links in each notification take you to the relevant articles.)
+The help links in each notification take you to the relevant articles.
 
 ## Smart detection email notifications
 
 All smart detection rules, except for rules marked as _preview_, are configured by default to send email notifications when detections are found.
 
-Configuring email notifications for a specific smart detection rule can be done by opening the smart detection **Settings** pane and selecting the rule, which will open the **Edit rule** pane.
-
-Alternatively, you can change the configuration using Azure Resource Manager templates. For more information, see [Manage Application Insights smart detection rules using Azure Resource Manager templates](./proactive-arm-config.md) for more details.
+You can configure email notifications for a specific smart detection rule. On the smart detection **Settings** pane, select the rule to open the **Edit rule** pane.
 
+Alternatively, you can change the configuration by using Azure Resource Manager templates. For more information, see [Manage Application Insights smart detection rules by using Azure Resource Manager templates](./proactive-arm-config.md).
 
 ## Next steps
 These diagnostic tools help you inspect the telemetry from your app:
 
 * [Metric explorer](../essentials/metrics-charts.md)
 * [Search explorer](../app/diagnostic-search.md)
-* [Analytics - powerful query language](../logs/log-analytics-tutorial.md)
+* [Analytics: Powerful query language](../logs/log-analytics-tutorial.md)
 
-Smart Detection is automatic. But maybe you'd like to set up some more alerts?
+Smart detection is automatic, but if you want to set up more alerts, see:
 
 * [Manually configured metric alerts](./alerts-log.md)
 * [Availability web tests](/previous-versions/azure/azure-monitor/app/monitor-web-app-availability)
