Forwarding Azure infrastructure alerts to Slack

My team at Shift Digital uses Azure for all of our computing needs. We do not have a single on-premises server. We use both Infrastructure as a Service (IaaS) and Platform as a Service (PaaS). Because all of infrastructure lives in the cloud, we needed a way to get alerts in case of high CPU usage, high memory usage, ... etc... Email notifications are ok but not preferable because Slack is our main method of communication. After some research, we found an easy way to forward notifications from Azure to Slack.

I found this logic app template that has steps to receive a Webhook from an Azure resource, and forward that notification to a Slack channel of our choosing. Setting up the logic app is very easy. All we need to do is click the Deploy to Azure button, fill out the details of the logic app, and select which Slack channel we want the alerts to go to.

Once the logic app is deployed, we will need to authorize it to talk to our Slack account. Edit the logic app and go to the Slack step. Simply login with your Slack credentials and the app is good to go.

We will get a URL that we need to use in our Azure resources.

Simply copy and paste this URL in the Webhook section of any Azure alert.

Now each time this alert fires, we get a notification forwarded to Slack! These alerts do not have to be only from Azure infrastructure. We can also have alerts based on Application Insights custom metrics. For example, we have alerts based on custom events in Application Insights that alert us when a certain metric exceeds a threshold we set (I explain this in more detail here).

Note: By default, the logic app template creates its own App Service Plan and sets it up in the consumption model where you pay per invocation. In our case, we already have an App Service Plan that we want this logic app to run on. Fortunately, there's a way to change the logic app to use an existing plan so we're not paying anything extra. Simply run this PowerShell script.

Param(  
    #the target app service resource group
    [string] $AppService_RG = 'YourResourceGroupNameGoesHere',
    #the target app service name
    [string] $AppService_Name = 'AppServicePlanYouWantTheLogicApppToRunOn',
    #the logic app's resource group
    [string] $LogicApp_RG = 'YourResourceGroupNameGoesHere',
    #the name of the logic app
    [string] $LogicApp_Name = 'YourLogicAppNameGoesHere',
    #the subscription id
    [string] $subscriptionId = 'YourSubIdGoesHere'
)

Login-AzureRmAccount  
$subscription = Get-AzureRmSubscription -SubscriptionId $subscriptionId
Set-AzureRmContext -SubscriptionId $subscriptionId  
$appserviceplan = Get-AzureRmResource -ResourceType "Microsoft.Web/serverFarms" -ResourceGroupName $AppService_RG -ResourceName $AppService_Name
$logicapp = Get-AzureRmResource -ResourceType "Microsoft.Logic/workflows" -ResourceGroupName $LogicApp_RG -ResourceName $LogicApp_Name

$sku = @{
    "name" = $appservicePlan.Sku.tier;
    "plan" = @{
      "id" = $appserviceplan.ResourceId;
      "type" = "Microsoft.Web/ServerFarms";
      "name" = $appserviceplan.Name  
    }
}

$updatedProperties = $logicapp.Properties | Add-Member @{sku = $sku;} -PassThru -Force

$updatedLA = Set-AzureRmResource -ResourceId $logicapp.ResourceId -Properties $updatedProperties -ApiVersion 2015-08-01-preview

Write-Output "Logic App now associated with App Service Plan: $appserviceplan.Name"