Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Adding Alert Processing Rule flexibility based on severity filters #456

Merged
merged 48 commits into from
Dec 20, 2024
Merged

Adding Alert Processing Rule flexibility based on severity filters #456

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
48 commits
Select commit Hold shift + click to select a range
ea6a891
Merge branch 'Alboroni-LZ2alerts'
Alboroni Nov 3, 2023
b2d0b46
Merge branch 'main' of https://github.com/Azure/azure-monitor-baselin…
Alboroni Nov 17, 2023
5def44b
dsadasdsasd
Alboroni May 1, 2024
cc73e3a
Merge remote-tracking branch 'upstream'
Alboroni May 1, 2024
bc71c96
Merge branch 'main' of https://github.com/Alboroni/azure-monitor-base…
Alboroni Sep 9, 2024
c056c51
added suffic for name parameter
Alboroni Sep 23, 2024
c00127a
up assessts
Alboroni Sep 23, 2024
22d1a97
remove set
Alboroni Sep 23, 2024
06f41a5
remove quotes
Alboroni Sep 23, 2024
3d599d0
update all
Alboroni Sep 23, 2024
9a0cbb0
testingdep
Alboroni Sep 23, 2024
d74b310
updateall
Alboroni Sep 23, 2024
f875784
update scope
Alboroni Sep 23, 2024
91f57ce
update
Alboroni Sep 23, 2024
9a52d40
sync all
Alboroni Sep 23, 2024
d8b12d4
updy
Alboroni Sep 23, 2024
fe073d4
go
Alboroni Sep 23, 2024
f4efc4b
removeeverything
Alboroni Sep 23, 2024
b8bf7a0
again
Alboroni Sep 23, 2024
0b4ba8a
remove ( for everywhere
Alboroni Sep 23, 2024
d43a07f
i[daye
Alboroni Sep 23, 2024
79b33a1
new
Alboroni Sep 23, 2024
6c4c4b4
test
Alboroni Sep 23, 2024
d08f52f
tt
Alboroni Sep 23, 2024
7fa2a4e
update remoec parameter
Alboroni Sep 24, 2024
7dc6c3c
set
Alboroni Sep 24, 2024
8f4569a
update to alzalert service
Alboroni Nov 20, 2024
61d4c11
update build and default RG
Alboroni Dec 10, 2024
1ec2f1f
Aligning featire-updateprocessupdate with Azure/azure-monitor-baselin…
Brunoga-MS Dec 11, 2024
0f8cff1
Update policy definitions and parameters; add ALZAlertSeverity and AL…
Brunoga-MS Dec 11, 2024
d57b206
Updating version
Brunoga-MS Dec 11, 2024
2bfa9f2
Updating param name and ARP description
Brunoga-MS Dec 11, 2024
0d90078
Fixed one moreparam name which was forgot
Brunoga-MS Dec 11, 2024
d74e0b5
Fixed param name repetition
Brunoga-MS Dec 11, 2024
094daa2
cd..update
Alboroni Dec 19, 2024
def7054
Merge branch 'featire-updateprocessupdate' of https://github.com/Albo…
Alboroni Dec 19, 2024
d354049
Merge branch 'main' of https://github.com/azure/azure-monitor-baselin…
Brunoga-MS Dec 20, 2024
62234d4
Merge branch 'featire-updateprocessupdate' of https://github.com/Albo…
Brunoga-MS Dec 20, 2024
db41b41
Set useCommonAlertSchema to false in Deploy-AlertProcessingRule-Deplo…
Brunoga-MS Dec 20, 2024
31c3a28
update params in alzarm.json
Alboroni Dec 20, 2024
fa5b475
Merge branch 'featire-updateprocessupdate' of https://github.com/Albo…
Alboroni Dec 20, 2024
b2b53ef
remove white space
Alboroni Dec 20, 2024
15b05ea
update param in alz template
Alboroni Dec 20, 2024
818820d
Merge branch 'main' of https://github.com/azure/azure-monitor-baselin…
Brunoga-MS Dec 20, 2024
78f7f53
regenearting jsonfile
Brunoga-MS Dec 20, 2024
335bc75
Update policies
arjenhuitema Dec 20, 2024
ec89146
Refactor notification asset parameters in alzArm.json for improved or…
Brunoga-MS Dec 20, 2024
adbc4d6
Merge branch 'featire-updateprocessupdate' of https://github.com/Albo…
Brunoga-MS Dec 20, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
31 changes: 30 additions & 1 deletion patterns/alz/alzArm.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -339,6 +339,27 @@
"description": "Provide the alert processing rule used for monitoring."
}
},
"ALZAlertSeverity": {
"type": "array",
"defaultValue": [
"Sev0",
"Sev1",
"Sev2",
"Sev3",
"Sev4"
],
"metadata": {
"description": "Alert Severities for alert processing rule to action."
}
},
"ALZNotificationAssetSuffix" :{

"type": "string",
"defaultValue": "-001",
"metadata": {
"description": "Suffix for the notification assets."
}
},
"currentDateTimeUtcNow": {
"type": "string",
"defaultValue": "[utcNow()]",
Expand Down Expand Up @@ -487,12 +508,20 @@
"value": "[parameters('BYOAlertProcessingRule')]"
}
},
"notificationAssetSeverityParameters": {
"ALZAlertSeverity": {
"value": "[parameters('ALZAlertSeverity')]"
},
"ALZNotificationAssetSuffix": {
"value": "[parameters('ALZNotificationAssetSuffix')]"
}
},
// Declaring the policy assignment parameters that will be used for all policy assignments
"policyAssignmentParametersConnectivity": "[union(variables('policyAssignmentParametersCommon'), parameters('policyAssignmentParametersConnectivity'))]",
"policyAssignmentParametersIdentity": "[union(variables('policyAssignmentParametersCommon'), parameters('policyAssignmentParametersIdentity'))]",
"policyAssignmentParametersManagement": "[union(variables('policyAssignmentParametersCommon'), parameters('policyAssignmentParametersManagement'), variables('uamiParameters'))]",
"policyAssignmentParametersServiceHealth": "[union(variables('policyAssignmentParametersCommon'), parameters('policyAssignmentParametersServiceHealth'), variables('notificationAssetParameters'))]",
"policyAssignmentParametersNotificationAssets": "[union(variables('policyAssignmentParametersCommon'), variables('notificationAssetParameters'))]",
"policyAssignmentParametersNotificationAssets": "[union(variables('policyAssignmentParametersCommon'), variables('notificationAssetParameters'), variables('notificationAssetSeverityParameters'))]",
"policyAssignmentParametersHybridVM": "[union(variables('policyAssignmentParametersCommon'), parameters('policyAssignmentParametersHybridVM'), variables('uamiParameters'))]",
"policyAssignmentParametersKeyManagement": "[union(variables('policyAssignmentParametersCommon'), parameters('policyAssignmentParametersKeyManagement'))]",
"policyAssignmentParametersLoadBalancing": "[union(variables('policyAssignmentParametersMonitorDisable'), parameters('policyAssignmentParametersLoadBalancing'))]",
Expand Down
12 changes: 12 additions & 0 deletions patterns/alz/alzArm.param.json
View file
Open in desktop
Brunoga-MS marked this conversation as resolved.
Show resolved Hide resolved
Original file line number Diff line number Diff line change
Expand Up @@ -120,6 +120,18 @@
"ALZFunctionTriggerUrl": {
"value": ""
},
"ALZNotificationAssetSuffix": {
"value": "-001"
},
"ALZAlertSeverity": {
"value": [
"Sev0",
"Sev1",
"Sev2",
"Sev3",
"Sev4"
]
},
"BYOActionGroup": {
"value": []
},
Expand Down
12 changes: 12 additions & 0 deletions patterns/alz/eslzArm.terraform-sync.param.json
View file
Open in desktop
Brunoga-MS marked this conversation as resolved.
Show resolved Hide resolved
Original file line number Diff line number Diff line change
Expand Up @@ -120,6 +120,18 @@
"ALZFunctionTriggerUrl": {
"value": ""
},
"ALZNotificationAssetSuffix": {
"value": "-001"
},
"ALZAlertSeverity": {
"value": [
"Sev0",
"Sev1",
"Sev2",
"Sev3",
"Sev4"
]
},
"BYOActionGroup": {
"value": []
},
Expand Down
2 changes: 1 addition & 1 deletion patterns/alz/policyDefinitions/policies-Network.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8249,4 +8249,4 @@
}
}
}
}
}
36 changes: 32 additions & 4 deletions patterns/alz/policyDefinitions/policies-NotificationAssets.json
View file
Open in desktop

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion patterns/alz/policyDefinitions/policies-Web.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1003,4 +1003,4 @@
}
}
}
}
}
30 changes: 29 additions & 1 deletion patterns/alz/policySetDefinitions/Deploy-Notification-Assets.json
View file
Open in desktop
Brunoga-MS marked this conversation as resolved.
Show resolved Hide resolved
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@
"displayName": "Deploy Azure Monitor Baseline Alerts - Notification Assets",
"description": "This initiative deploys Notification Assets for Azure Monitor Baseline Alerts. This includes the setup of an Alert Processing Rule and an Action Group to manage notifications and actions, along with a Notification Suppression Rule to manage alert notifications, as well as a Notification Suppression Rule to control alert notifications.",
"metadata": {
"version": "1.3.1",
"version": "1.4.1",
"category": "Monitoring",
"source": "https://github.com/Azure/azure-monitor-baseline-alerts/",
"alzCloudEnvironments": [
Expand Down Expand Up @@ -126,6 +126,28 @@
},
"defaultValue": ""
},
"ALZNotificationAssetSuffix": {
"type": "String",
"metadata": {
"displayName": "Notification Asset Name Suffix",
"description": "Suffix for Alert Processing Rule and Action Group names"
},
"defaultValue": "-001"
},
"ALZAlertSeverity": {
"type": "Array",
"metadata": {
"displayName": "Alert Severities for Alert Processing Rule",
"description": "Severity of the alerts to apply action groups. Will apply to all severities if not specified."
},
"defaultValue": [
"Sev0",
"Sev1",
"Sev2",
"Sev3",
"Sev4"
]
},
"BYOActionGroup": {
"type": "array",
"metadata": {
Expand Down Expand Up @@ -181,6 +203,12 @@
"ALZFunctionTriggerUrl": {
"value": "[[parameters('ALZFunctionTriggerUrl')]"
},
"ALZNotificationAssetSuffix": {
"value": "[[parameters('ALZNotificationAssetSuffix')]"
},
"ALZAlertSeverity": {
"value": "[[parameters('ALZAlertSeverity')]"
},
"BYOActionGroup": {
"value": "[[parameters('BYOActionGroup')]"
},
Expand Down
69 changes: 61 additions & 8 deletions services/AlertsManagement/actionRules/Deploy-AlertProcessingRule-Deploy.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@
"displayName": "Deploy AMBA Notification Assets",
"description": "Policy to deploy Action Group and Alert Processing Rule for all AMBA alerts",
"metadata": {
"version": "1.4.0",
"version": "1.5.0",
"category": "Monitoring",
"source": "https://github.com/Azure/azure-monitor-baseline-alerts/",
"alzCloudEnvironments": [
Expand Down Expand Up @@ -107,6 +107,28 @@
},
"defaultValue": ""
},
"ALZNotificationAssetSuffix": {
"type": "String",
"metadata": {
"displayName": "Notification Asset Name Suffix",
"description": "Suffix for Alert Processing Rule and Action Group names"
},
"defaultValue": "-001"
},
"ALZAlertSeverity": {
"type": "Array",
"metadata": {
"displayName": "Alert Severities for Alert Processing Rule",
"description": "Severity of the alerts to apply action groups. Will apply to all severities if not specified."
},
"defaultValue": [
"Sev0",
"Sev1",
"Sev2",
"Sev3",
"Sev4"
]
},
"BYOActionGroup": {
"type": "array",
"metadata": {
Expand Down Expand Up @@ -176,7 +198,7 @@
"allOf": [
{
"field": "Microsoft.AlertsManagement/actionRules/description",
"equals": "AMBA Notification Assets - Alert Processing Rule for Subscription"
"equals": "[[concat('AMBA Notification Assets - Alert Processing Rule for Subscription', parameters('ALZNotificationAssetSuffix'))]"
}
]
},
Expand Down Expand Up @@ -221,6 +243,12 @@
"ALZFunctionTriggerUrl": {
"type": "String"
},
"ALZNotificationAssetSuffix": {
"type": "string"
},
"ALZAlertSeverity": {
"type": "Array"
},
"BYOActionGroup": {
"type": "array"
},
Expand Down Expand Up @@ -255,7 +283,7 @@
"input": {
"name": "[[concat('AlzMail-', indexOf(parameters('ALZMonitorActionGroupEmail'), parameters('ALZMonitorActionGroupEmail')[copyIndex('varEmailReceivers')]))]",
"emailAddress": "[[trim(parameters('ALZMonitorActionGroupEmail')[copyIndex('varEmailReceivers')])]",
"useCommonAlertSchema": true
"useCommonAlertSchema": false
}
},
{
Expand Down Expand Up @@ -352,6 +380,12 @@
"ALZFunctionTriggerUrl": {
"type": "string"
},
"ALZNotificationAssetSuffix": {
"type": "string"
},
"ALZAlertSeverity": {
"type": "Array"
},
"BYOActionGroup": {
"type": "array"
},
Expand All @@ -365,7 +399,7 @@
"condition": "[[and(empty(parameters('BYOActionGroup')), empty(parameters('BYOAlertProcessingRule')))]",
"type": "Microsoft.Insights/actionGroups",
"apiVersion": "2023-01-01",
"name": "[[concat('ag-AMBA-', subscription().displayName, '-001')]",
"name": "[[concat('ag-AMBA-', subscription().displayName, parameters('ALZNotificationAssetSuffix'))]",
"location": "Global",
"tags": {
"_deployed_by_amba": true
Expand All @@ -385,10 +419,10 @@
"condition": "[[empty(parameters('BYOAlertProcessingRule'))]",
"type": "Microsoft.AlertsManagement/actionRules",
"apiVersion": "2021-08-08",
"name": "[[concat('apr-AMBA-',subscription().displayName, '-001')]",
"name": "[[concat('apr-AMBA-',subscription().displayName, parameters('ALZNotificationAssetSuffix'))]",
"location": "Global",
"dependsOn": [
"[[concat('ag-AMBA-', subscription().displayName, '-001')]"
"[[concat('ag-AMBA-', subscription().displayName, parameters('ALZNotificationAssetSuffix'))]"
],
"tags": {
"_deployed_by_amba": true
Expand All @@ -397,11 +431,18 @@
"scopes": [
"[[subscription().Id]"
],
"description": "AMBA Notification Assets - Alert Processing Rule for Subscription",
"description": "[[concat('AMBA Notification Assets - Alert Processing Rule for Subscription', parameters('ALZNotificationAssetSuffix'))]",
"conditions": [
{
"field": "severity",
"operator": "Equals",
"values": "[[parameters('ALZAlertSeverity')]"
}
],
"enabled": true,
"actions": [
{
"actiongroupIds": "[[if(empty(parameters('BYOActionGroup')), array(concat(subscription().Id, '/resourceGroups/', parameters('ALZMonitorResourceGroupName'), '/providers/microsoft.insights/actionGroups/', 'ag-AMBA-', subscription().displayName, '-001')), variables('varAGIds'))]",
"actiongroupIds": "[[if(empty(parameters('BYOActionGroup')), array(concat(subscription().Id, '/resourceGroups/', parameters('ALZMonitorResourceGroupName'), '/providers/microsoft.insights/actionGroups/', 'ag-AMBA-', subscription().displayName, parameters('ALZNotificationAssetSuffix'))), variables('varAGIds'))]",
"actionType": "AddActionGroups"
}
]
Expand Down Expand Up @@ -437,6 +478,12 @@
"ALZFunctionTriggerUrl": {
"value": "[[parameters('ALZFunctionTriggerUrl')]"
},
"ALZNotificationAssetSuffix":{
"value": "[[parameters('ALZNotificationAssetSuffix')]"
},
"ALZAlertSeverity": {
"value": "[[parameters('ALZAlertSeverity')]"
},
"BYOActionGroup": {
"value": "[[parameters('BYOActionGroup')]"
},
Expand Down Expand Up @@ -482,6 +529,12 @@
"ALZFunctionTriggerUrl": {
"value": "[[parameters('ALZFunctionTriggerUrl')]"
},
"ALZNotificationAssetSuffix":{
"value": "[[parameters('ALZNotificationAssetSuffix')]"
},
"ALZAlertSeverity": {
"value": "[[parameters('ALZAlertSeverity')]"
},
"BYOActionGroup": {
"value": "[[parameters('BYOActionGroup')]"
},
Expand Down
2 changes: 1 addition & 1 deletion services/AlertsManagement/actionRules/Deploy-AlertProcessingRule-Suppression.json
View file
Open in desktop
Brunoga-MS marked this conversation as resolved.
Show resolved Hide resolved
Original file line number Diff line number Diff line change
Expand Up @@ -146,7 +146,7 @@
{
"type": "Microsoft.AlertsManagement/actionRules",
"apiVersion": "2021-08-08",
"name": "[[concat('apr-AMBA-',subscription().displayName, '-002')]",
"name": "[[concat('apr-AMBA-',subscription().displayName, '-S001')]",
"location": "Global",
"dependsOn": [],
"tags": {
Expand Down
Loading