Enabling Alerting for Azure Recovery Services Vault

Azure Recovery Services Vault is a backup resource within Azure, primarily used for Virtual Machine backups and Azure Site Recovery. Both of which are critical to the successful running of an environment in Azure, whether it be backing up the data on the Virtual Machine or the requirement to have Site Recovery enabled to allow Virtual Machines to be replicated into another region.

In this blog, I will show how to enable alerting for both backup alerts and Site Recovery events – this will also include how-to via PowerShell as well.

Due to a current constraint with backup alerts and enabling email notifications via PowerShell I will show can this can be done via shipping logs to Log Analytics and alerting from within Log Analytics. There may be a want, to have this fully automated so using this way will cater for this.

Site Recovery Events

Using Site Recovery? Lets have a look at alerting on events you may want to be alerted to in the event of an issue.

For each of these alerting setups, I will be using Recovery Services Vault:: tamops-recoveryvault

Open Recovery Services Vault

Select Site Recovery Events

Select Email Notifications

Select which users you want to receive these notifications and save

PowerShell

The below will enable the email notifications for custom email address and also Azure service admins/co-admins

#Get Recovery Services Vault Context
$recovery_vault = Get-AzRecoveryServicesVault -Name "tamops-recoveryvault" -ResourceGroupName "tamops"

Set-AzRecoveryServicesAsrVaultContext -Vault $recovery_vault

#Set Site Recovery Service Alert Notifications
Set-AzRecoveryServicesAsrAlertSetting -CustomEmailAddress "test@thomasthornton.cloud" -EnableEmailSubscriptionOwner

Backup Alerts

Open Recovery Services Vault

Select Backup Alerts

Select Configure Notifications

Configure as below and select save, depending on the Severity notifications you want to be alerted on.

PowerShell

Slightly different setup if you want to automate this process, as of writing this blog the configure notifications above for Backup Alerts is not possible by code. A workaround is sending the AzureBackupReport logs to Log Analytics and report from there as mentioned at the start of this blog.

#Get Recovery Services Vault Context
$recovery_vault = Get-AzRecoveryServicesVault -Name "tamops-recoveryvault" -ResourceGroupName "tamops"

#Get Log Analytics Context
$loganalytics = Get-AzOperationalInsightsWorkspace -Name "tamops-la" -ResourceGroupName "tamops"

# Enable diagnostic setting 
Get-AzDiagnosticSetting -ResourceId $recovery_vault.ID
Set-AzDiagnosticSetting -Name "BackupLog" -ResourceId $recovery_vault.ID -Enabled $True -Category AzureBackupReport -WorkspaceId $loganalytics.ResourceId

Snippet from PowerShell output, you will see AzureBackReport now enabled

Logs
    Category        : AzureBackupReport
    Enabled         : True
    RetentionPolicy
    Enabled : False
    Days    : 0

Viewing this manually

Open Recovery Services Vault

Select Diagnostic Settings

You will see the newly created BackupLog Diagnostic settings

If selecting edit, other available categories can be added

Querying this data within Log Analytics is done via table AzureDiagnostics example query below. From that, alerting can be created!

AzureDiagnostics
| where BackupManagementType_s == "IaaSVM"

1 thought on “Enabling Alerting for Azure Recovery Services Vault

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: