ALZ Monitoring Alerts Process
This page is a guide for ALZ Engineers to review and act on the Azure monitoring alerts within Azure Landing zone teams channel. Alerts are only generated for the Spokes we support end-to-end: Prod Hub, Prod Shared Services and Prod Small Services Space (aka SMSS or 3S).
ALZ Monitoring Rota
As an ALZ engineer you will use the current OOH rota (provided by service level management) as a guide for who will monitor the Azure Monitoring alerts channel in the day time. Please note the rota needs to be updated:
- When Providing Holiday or Sickness cover
- When we have new starter\leaver
- When it’s start of a new year
Below is a snapshot of the weekly rota:
| Week 1 | Week 2 | Week 3 | Week 4 |
|---|---|---|---|
| Alan | Ravi | Noor | Kokulan |
| 02/02/2026 | 09/02/2026 | 16/02/2026 | 23/02/2026 |
| 02/03/2026 | 09/03/2026 | 16/03/2026 | 23/03/2026 |
| 30/03/2026 | 06/04/2026 | 13/04/2026 | 20/04/2026 |
| 27/04/2026 | 04/05/2026 | 11/05/2026 | 18/05/2026 |
| 25/05/2026 | 01/06/2026 | 08/06/2026 | 15/06/2026 |
| 22/06/2026 | 29/06/2026 | 06/07/2026 | 13/07/2026 |
| 20/07/2026 | 27/07/2026 | 03/08/2026 | 10/08/2026 |
| 17/08/2026 | 24/08/2026 | 31/08/2026 | 07/09/2026 |
| 14/09/2026 | 21/09/2026 | 28/09/2026 | 05/10/2026 |
| 12/10/2026 | 19/10/2026 | 26/10/2026 | 02/11/2026 |
| 09/11/2026 | 16/11/2026 | 23/11/2026 | 30/11/2026 |
| 07/12/2026 | 14/12/2026 | 21/12/2026 | 28/12/2026 |
| 04/01/2027 | 11/01/2027 | 18/01/2027 | 25/01/2027 |
Alert Notifications
We have 2 channels under the Azure Landing Zone team in Microsoft Teams that are used to receive alert notifications.
Azure Monitor has been configured to generate alerts within the Monitoring Alerts channel.
The Notifications channel is used to receive information from 2 pipelines which run daily (“Routes missing from Hub Internal Subnet UDRs” and “Pipelines with build on fork enabled”) plus the monthly Azure Advisor recommendations.
Teams channels:
Example Monitoring Alert:
Reviewing Alert Notifications
ALZ Engineers will be responsible for reviewing the Alerts within the Monitoring Alerts and Notifications channels each day.
When reviewing the alert the engineer needs to determine whether it’s an Incident or not:
- A guide to our Incident Types.
- If we think it’s an Incident please follow the Incident Management Process.
If the Alert is not severe enough to be an incident we should at least follow Moderate Incident type as guide to a less involved process.
All alerts must be acknowledged by an ALZ Engineer, regardless whether it is an incident or not, to show that the alert as been reviewed and then resolved. This is done by replying to the Alert message that is created in the Teams chat.
Instructions to resolve: “Pipelines with build on fork enabled”
The pipeline is build-on-fork-audit.yml and details of the Shell script can be found at fork_trigger_checksh
- Find the pipeline in Azure DevOps
- Click
Edit(top right) - Click the three dots (top right)
- Click
Triggers - Click the Pull request validation entry
- Untick: Build pull requests from forks of this repository (see screenshot below)
- Click the dropdown next to “Save & queue” and select
Save
ALZ Incident Management
ALZ Incident Management Approach