Send your Azure alerts to ITSM tools using Action Groups

Publicado el 11 octubre, 2017

Principal PM Manager, AIM India

At Ignite 2017, we announced the new IT Service Management (ITSM) Action in Azure Action Groups. As you might know, Action Groups is a reusable notification grouping for Azure alerts. Users can create an action group with functions such as sending an email or SMS, as well as calling a webhook and re-use it across multiple alerts. The new ITSM Action will allow users to create a work item in the connected ITSM tool when an alert is fired.

ITSM Connector Solution in Log Analytics

This action builds on top of the IT Service Management Connector Solution in Azure Log Analytics. The ITSM Connector solution provides a bi-directional connection with the ITSM tool of your choice. Currently the solution is in public preview and supports connections with ITSM tools such as System Center Service Manager, ServiceNow, Provance, and Cherwell. Today, through the ITSM Action, we are bringing the same integration capabilities to Azure alerts.

The IT Service Management Connector allows you to:

  • Create work items (incidents, alerts, and events) in the connected ITSM tool when a Log Analytics alert fires, or manually from a Log Analytics log record.
  • Combine the power of help desk data, such as incidents and change requests, and log data, such as activity and diagnostic logs, performance, and configuration changes, to mitigate incidents quickly.
  • Derive insights from incidents using the Azure Log Analytics platform.

Using the new ITSM Action

Before you can start using the ITSM Action, you will need to install and configure the IT Service Management Connector Solution in Log Analytics. Once you have the solution configured, you can follow the steps below to use the ITSM Action.

1. In Azure portal, click on Monitor.

2. In the left pane, click on Action groups.

Action groups

3. Provide Name and ShortName for your action group. Select the Resource Group and Subscription where you want your action group to get created.

Add action group

4. In the Actions list, select ITSM from the drop-down for Action Type. Provide a Name for the action and click on Edit details.

5. Select the Subscription where your Log Analytics workspace is located. Select the Connection (i.e your ITSM Connector name) followed by your Workspace name. For example, "MyITSMMConnector(MyWorkspace)."

ITSM Ticket

6. Select Work Item type from the drop-down.

7. Choose to use an existing template or complete the fields required by your ITSM product.

8. Click OK

When creating/editing an Azure alert rule, use an Action Group which has an ITSM Action. When the alert triggers, a work item is created in the ITSM tool.

Note: Currently only Activity Log Alerts support the ITSM Action. For other Azure alerts, this action is triggered but no work item will be created.

We hope you will find this feature useful in integrating your alerting and Service Desk solutions. Learn more and get information on IT Service Management Connector Solution and Action Groups.

We would love to hear your feedback. Send us any questions or feedback to azurealertsfeedback@microsoft.com