Azure Monitor Alerts

Integration version1.0.0

Overview

This integration lets you forward Azure Monitor Alerts to Datadog as Events using a webhook. Azure Monitor alerts are automatically forwarded to Datadog whenever they fire or resolve, providing you with a unified view of your infrastructure alerts across both platforms.

This integration enables you to:

  • View Azure Monitor alerts alongside other Datadog events for comprehensive monitoring
  • Correlate Azure alerts with metrics, logs, and traces in Datadog

Setup

Step 1: Create a Datadog API Key

You’ll need a Datadog API key to authenticate the incoming webhook from Azure.

  1. In Datadog, go to Organization Settings > API Keys.
  2. Click New Key.
  3. Enter a descriptive name for the key (for example, “Azure Monitor Alerts”).
  4. Click Create Key.
  5. Copy the generated API key and save it securely.

Step 2: Create or Edit an Azure Action Group

Azure Monitor alerts use action groups to trigger notifications, including webhooks.

  1. In the Azure Portal, go to Monitor > Alerts > Action Groups.
  2. Click + Create or edit an existing action group.
  3. In the Actions step:

    • Select Webhook as the action type.

    • Set the URI to the following, replacing <DATADOG_SITE> with your Datadog site and <YOUR_API_KEY> with your API key:

      https://event-management-intake.<DATADOG_SITE>/api/v2/events/webhook?integration-id=azure-monitor-alerts&dd-api-key=<YOUR_API_KEY>

    • Important: Enable the Common Alert Schema (this is required).

Choose the Correct Datadog Site

Use the appropriate subdomain based on your Datadog site:

Datadog SiteWebhook Subdomain
US1event-management-intake.datadoghq.com
US3event-management-intake.us3.datadoghq.com
US5event-management-intake.us5.datadoghq.com
EU1event-management-intake.datadoghq.eu
AP1event-management-intake.ap1.datadoghq.com
AP2event-management-intake.ap2.datadoghq.com

Step 3: Assign Action Group to Alerts

Attach the action group to any Azure Monitor alert rule:

  1. In the Azure Portal, go to Monitor > Alerts.
  2. Create or edit an Alert rule.
  3. In the Actions step, select the action group you created in Step 2.
  4. Save the rule.

Validation

Once configured, alerts from Azure will be forwarded to Datadog as events. To validate the integration:

  1. Create a test alert rule in Azure Monitor or wait for an existing alert to trigger.
  2. Check the Datadog Event Explorer for events tagged with source:azure-monitor-alerts.
  3. Verify that alert details like resource, severity, and timestamp appear correctly.

Note: Avoid using the “Test Action Group” button in Azure, as it may send payloads with old timestamps that exceed Datadog’s 18-hour limit for event timestamps.

Data Collected

Events

Azure Monitor Alerts produces an event in Datadog corresponding to each alert in Azure Monitor. These events include:

  • Alert name and description
  • Resource information (subscription, resource group, resource name)
  • Alert severity and status (fired/resolved)
  • Timestamp and duration
  • Associated monitoring rules and conditions

Events appear in the Datadog Event Explorer with the source tag azure-monitor-alerts.

Troubleshooting

Common Issues

Events not appearing in Datadog

  • Double-check the webhook URL to ensure it matches your Datadog site
  • Make sure Common Alert Schema is enabled in the Azure Action Group
  • Confirm your Datadog API key is valid and active

Test Action Group fails

  • Azure’s test feature may send payloads with old timestamps that exceed Datadog’s 18-hour limit
  • Instead, create a real test alert or manually call the webhook endpoint with a current timestamp

API key security

  • Azure does not support custom HTTP headers in webhook actions, so the API key must be passed as a query parameter
  • For enhanced security, consider using a custom Azure Logic App as a relay to add the API key as a header

Need help? Contact Datadog support.