Azure Automation Runbook: Test-OMSAlertRemediation
Couple of weeks ago, I published a post titled OMS Alerting Walkthrough. I mentioned in the post that I have written a test runbook called Test-OMSAlertRemediation that extracts information from the OMS alert JSON input sends to you via email.
Once you have created this rnbook in your Azure Automation account, you can use it as the remediation runbook for any OMS alerts.
param ([object]$WebHookData) #Process inputs from webhook data Write-Verbose "Processing inputs from webhook data." $WebhookName = $WebhookData.WebhookName Write-Verbose "Webhook name: '$WebhookName'" $WebhookHeaders = $WebhookData.RequestHeader $WebhookBody = $WebhookData.RequestBody Write-Verbose "Webhook body:" Write-Verbose $WebhookBody $SearchResults = (ConvertFrom-JSON $WebhookBody).SearchResults $SearchResultsId = $SearchResults.id $SearchResultsValue = $SearchResults.value $SearchResultsMetaData = $SearchResults.__metadata #$SearchResult = $Inputs.SearchResult Write-Verbose "Search Results:" Write-Verbose $SearchResults $SMTPConnection = Get-AutomationConnection SMTPNotification $Subject = "Alert Remediation Runbook Input'" $Body = @" Search Results: Id: $SearchResultsId Value: $($SearchResultsValue | out-String) Meta Data: $SearchResultsMetaData "@ Send-Email ` -Body $Body ` -HTMLBody $false ` -SMTPSettings $SMTPConnection ` -Subject $Subject ` -To firstname.lastname@example.org
This runbooks uses the SendEmail module for sending emails. You can install it to your automation account directly from PowerShell gallery(https://www.powershellgallery.com/packages/SendEmail/), or download the source code from GitHub(https://github.com/tyconsulting/SendEmail_PowerShellModule). Once the module is deployed to your Automation Account, you will then need to create a connection with type “SMTPServerConnection” with the name “SMTPNotification”:
You will also need to place your email address in the last line of the runbook.
The email below is a sample of what this runbook produces:
Hopefully this runbook would help you when you are designing your OMS alerting solutions.
Leave a comment