OpsGenie and ApplicationInsights: How to include query results data and link to query results?

Question

I have Alerts in Azure Application Insights that are fired if exception count > 0 and then the message is sent to OpsGenie via webhook. The integration works great, but I need to include more information about exceptions (message and type) from AppInsights that are related to the query result of alert. I'd also like to include URL to query results as well.

I tried to use the following Log search with the query, but I was not able to "catch" information about query results in OpsGenie.

exceptions
| where details[0].severityLevel == "Error"
| order by timestamp

I also tried to use Exception metrics as a signal, but couldn't get that information as well.

The payload I have (GUIDs are obfuscated to [GUID]):

{
  "alertLogOwner": "Azure",
  "actionOwner": "Azure",
  "alertId": "[GUID]",
  "_incomingData": {
    "_parsedData": {
      "-teams": [
        "[GUID]"
      ],
      "-actions": [],
      "-tags": [],
      "description": "[OpsGenie] Exceptions on Prod count larger than 0",
      "alias": "[/subscriptions/[GUID]/providers/Microsoft.AlertsManagement/alerts/[GUID]]",
      "_details": {},
      "source": "Azure",
      "message": "[Azure]  GreaterThan 0 LogQueryCriteria in the last PT5M mins was activated\nDescription: [OpsGenie] Exceptions on Prod count large",
      "priority": "P3",
      "entity": ""
    },
    "integrationType": "Azure",
    "integrationName": "Azure Digital (Prod alerts)",
    "integrationId": "[GUID]"
  },
  "_actionSource": {
    "sourceSubName": "Create Alert",
    "sourceType": "Azure",
    "domain": "integration",
    "incomingDataId": "[GUID]",
    "sourceName": "Azure Digital (Prod alerts)"
  },
  "alertLogType": "system"
}

I don't see any way to get query results / URL to the alert from the above. So, the question is: How can I get query results and URL to the alert of Azure Application Insights Alert in the OpsGenie.

Answer 1

How can I get query results and URL to the alert of Azure Application Insights Alert in the OpsGenie?

As suggested by Nick H, adding gist as a community wiki answer to help community members who might face a similar issue.

• If the exceptions (message and type), and the URL from AppInsights are included in the payload, you can use string processing or regex to extract them into the alert.

Note: The information needs to be included in the payload. If it's not being sent from AppInsights to Opsgenie, then it wouldn't be possible.

If this data is being parsed in the payload, but having trouble extracting the data into the alert or finding it in the Logs, you can reach out to Opsgenie support