Skip to main content

Webhook Connection for Microsoft Azure Functions

You can trigger an Azure Function directly from a Sumo Logic alert by configuring a webhook connection. Once you set up the webhook connection, you'll have the option to use it in a Scheduled Search or Monitor.

For example, you can create a scheduled search that triggers an Azure function when an administrator changes a user’s permissions. This function can then update a database to document the changes for audit purposes.

Create an Azure function

First, create an HTTP-triggered Azure function. For more information, see Azure Functions HTTP triggers and bindings overview.

  1. Create an Azure function using the template HttpTrigger-Powershell.

  2. Copy and paste code of the Azure function into the code field. The following example is an HTTP-triggered PowerShell function:

    $requestBody = Get-Content $req -Raw | ConvertFrom-Json

    "Webhook Triggered"

    $requestBody.text
    $requestBody.raw
    $requestBody.num
    $requestBody.agg

    Out-File -Encoding Ascii -FilePath $res -inputObject "Hello Sumo Logic, from Azure Function"
  3. Click Save.

  4. Copy the function URL, as you will need it in the next section.

Create a Webhook connection

You need the Manage connections role capability to create webhook connections.

Configure the Webhook connection to trigger the Azure function:

  1. Go to Manage Data > Monitoring > Connections.
  2. On the Connections page click Add.
  3. Select Azure Functions.
  4. In the Create Connection dialog, configure:
    • Name. Enter the name of the connection.
    • (Optional) Description, enter a description for the connection.
    • URL. Enter the function URL for the endpoint from the previous section.
    • (Optional) Authorization Header, enter an authorization header, which may include an authorization token.
    • (Optional) Custom Headers, enter up to five comma separated key-value pairs.
    • Alert Payload. Enter a JSON object in the format required. For details on variables that can be used as parameters within your JSON object, see Webhook Payload Variables
    • In the Recovery Payload section, you can customize your recovery notification.
  5. To test the connection, click Test Alert or Test Recovery. If successful, you'll see a 200 OK response message.
  6. Click Save.
Legal
Privacy Statement
Terms of Use

Copyright © 2023 by Sumo Logic, Inc.