Azure Monitor
An Azure service that is used to collect, analyze, and act on telemetry data from Azure and on-premises environments.
3,402 questions
Custom webhook payloads for Smart Alerts with Common Alert Schema
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(243.2, 23%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJ%3C/text%3E%3C/svg%3E)
Jens
0
Reputation points
I'm trying to define an alert rule for a Smart Alert, where the trigger should be an action group with a webhook using the Common Alert Schema. I need to include some custom properties to the webhook as well.
I'm currently defining the alert rule using terraform, and the definition looks something like this:
resource "azurerm_monitor_smart_detector_alert_rule" "MemoryLeakDetector" {
enabled = true
name = "MemoryLeakDetector"
resource_group_name = var.resource_group_name
severity = "Sev3"
scope_resource_ids = [var.scope_resource_id]
frequency = "P1D"
detector_type = "MemoryLeakDetector"
action_group {
ids = [var.oncall_action_group_id]
webhook_payload = jsonencode({
CustomProperty1 = "FooBar"
})
}
}
For the custom payload that ends up in the JSON definition of the rule under properties.actionGroups.customWebhookPayload which is different from when I define regular metric/log search rules. Those also have the action group part of terraform looking slightly different, like this instead:
action {
action_group_id = var.oncall_action_group_id
webhook_properties = {
CustomProperty1 = "FooBar"
}
}
And then it instead ends up in the JSON definition in properties.actions.customProperties.
For the regular metric/log search rules, when they are triggered the custom payload comes through and is present as described by the common alert schema. However, for the Smart Alert rules, the custom payload isn't present in the body of the call to the webhook at all.
All rules use the same action group with the same webhook, and all of them use the common alert schema.
Is there something wrong with my assumptions here, and how can I get the custom payload onto the body of the call when using smart alert rules?
{count} votes
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(256, 20%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPR%3C/text%3E%3C/svg%3E)
Pranay Reddy Madireddy 1,310 Reputation points Microsoft Vendor2025-01-06T22:38:40.9033333+00:00 Hi Jens
Welcome to the Microsoft Q&A Platform! Thank you for asking your question here.
In Smart Alerts, the webhook_payload you specify is saved under properties.actionGroups.customWebhookPayload, but this payload may not be included in the body of the webhook call when the alert is triggered.
For metric or log alerts, the webhook_properties are sent in the alert payload under properties.actions.customProperties, enabling custom properties to be directly transmitted to your webhook.
The Common Alert Schema allows for custom properties, but how these properties are used varies by alert type. For Smart Alerts, there are limits on what can be included in the webhook call, which can be confusing for users who expect it to work like metric or log alerts.
For reference, please review this documentation:-
https://learn.microsoft.com/en-us/azure/azure-monitor/alerts/alerts-common-schema?WT.mc_id=modinfra-67716-pierrerIf you have any further queries, do let us know.
If the answer is helpful, please click "Accept Answer" and "Upvote it".
Sign in to comment
Sign in to answer