A library for summarizing Azure alerts (using JWMB.AzureMonitorCommonAlertSchemaTypes) and posting them to Slack (using SlackNet).
Real-world usage example here: https://github.com/JWMB/AzureFunctionAlert2Slack/blob/main/AzureFunctionAlert2Slack/RequestToSlackFunction.cs
Notes
- Provide a custom Azure message summarizer by injecting your own implementation of
IDemuxedAlertHandlerintoAlertInfoFactory- The design ensures that when
JWMB.AzureMonitorCommonAlertSchemaTypesis extended with more signal types, theIDemuxedAlertHandlermust implement those additions (or it will not compile)
- The design ensures that when
- (In progress) For Log Alerts V2 where
SearchQueryis present, fetch query results from the corresponding Azure service (Log Analytics or Application Insights)- Currently relies on Managed Identity authorization
Azure.Monitor.Query.LogsQueryClientdoesn't parse the response properly
Simplified usage (error handling omitted for readability)
[FunctionName("HttpAlertToSlack")]
public static async Task<IActionResult> Run(
[HttpTrigger(AuthorizationLevel.Function, "post", Route = null)] HttpRequest req,
IAlertInfoFactory alertInfoFactory, IMessageSender sender,
ILogger log)
{
var requestBody = await new StreamReader(req.Body).ReadToEndAsync();
var summary = await alertInfoFactory.Process(requestBody);
var messages = messageFactory.CreateMessages(summary);
await sender.SendMessage(messages);
return new OkObjectResult("");
}