Skip to main content
Version: NG-2.16

MS Teams Integration

To send alert messages to MS Teams channels, you need to follow these steps:

Access Microsoft Teams

Ensure that you have the necessary permissions to create and configure connectors in the Teams channel you want to use. You may need to be a Team Owner or have administrator privileges.

Choose a Channel

Select the channel where you want to add the incoming webhook. Click on the channel name to access the channel settings.

Configure Incoming Webhook Connector

  1. In the selected channel, click on the ellipsis (...) next to the channel name to open the menu.
  2. From the menu, select "Connectors."
  3. In the Connectors screen, search for "Incoming Webhook" and click on it.
  4. Click on the "Add" / “Configure” button to configure a new incoming webhook.
  5. Provide a name for the webhook, and optionally, upload an image or icon that represents the webhook.
  6. Click the "Create" button to generate the webhook URL.
  7. Copy the generated webhook URL to your clipboard. This URL is unique to your webhook and is used to send messages to the Teams channel.
  8. Click the "Done" button to finish your webhook configuration.

Form an Alert Message

The alert message needs the necessary information to be present in it. The necessary information is picked from the alert document and embedded into the alert message.

Here is a sample alert message created using the sample alert document following it.

Alert Message

Alert '{{Alert-Rule-Name}}' triggered with severity '{{severity}}' at {{timestamp}}.
Description: {{description}}
Insights: {{R1>M1>insights}}

Sample Alert Doc

{
    "Alert-Rule-Name": "himaja_test_alert3",
    "doc_type": "alert",
    "tenant_id": "1",
    "bu_id": "1",
    "timeToDetect": 300.0,
    "severity": "critical",
    "level": "1",
    "Type": "himaja_test_summary_1",
    "description": "state:1206",
    "summary": "himaja_test_summary_1",
    "R1": {
        "M1": {
            "label": "state",
            "type": "number",
            "value_for_eval_duration": "1206",
            "formatted_value_for_eval_duration": "1206",
            "color": "#dd171d",
            "insights": "Need urgent attention!",
            "matched_threshold": "> 0"
        },
        "status": "Available",
        "name": "001testalert"
    },
    "tags": [
        "Others",
        "DAQ"
    ],
    "group_label": "himaja_test_alert3",
    "timestamp": "2022-05-23 14:55:04",
    "Day": "Monday",
    "@timestamp": "2022-05-23T14:55:04.000Z",
    "Alert-Rule-Evalution-Duration": "10 Minutes",
    "Enterprise Name": "VuNet Systems",
    "active_period_execution": true,
    "alert_id": "13463664",
    "alarm_state": "Notification",
    "start_time": "2022-05-23T14:55:04.000Z",
    "type": "himaja_test_summary_1",
    "index_prefix": "vunet-1-1-alert-stats"
}

Advanced Configuration

This section allows users to customize MS Teams settings using YAML, including payload transformations, field mappings, severity conversions, and additional attributes. It provides step-by-step instructions for defining static fields, dynamic mappings, and severity conversions for seamless integration with MS Teams. For details, please refer to the Creating Advanced Configuration section.

Default Payload Configuration

This section provides the default payloads for MS Teams, which serve as the base structure for sending messages. Users can modify, extend, or override these defaults using YAML-based configurations to adjust field mappings, transformations, and additional attributes as needed. For more details on creating the payload configuration script, refer to Creating Payload Configuration Script.

Default payloads for MS Teams

{  
  "channel\_url":"https://example.webhook.office.com/webhookb2/abc12345-6789-0123-4567-abcdefg12345@abcdefg/IncomingWebhook/7890abcdef1234567890abcdef/abcd1234efgh5678ijkl9012" ,   
teams\_message :  
 "Summary : MS-Team\_Integration-OAUTH-Alert-tdsasdfg for count:30  
Severity : error  
Time : 01:54:22 PM March 12 2025 IST  
Duration : 0 Second(s)  
StartTime : 01:54:22 PM March 12 2025 IST  
State : Notification  
Alert ID : 2025Mar12-3582a1  
Description : MS-Team\_Integration-OAUTH-Alert-tdsasdfg  
More Details : NA  
"
}

FAQs

What steps are needed to integrate MS Teams for alert delivery?

Set up an Incoming Webhook from your Teams channel, copy the webhook URL, and configure it in MS Teams Configurations.

Can I customize messages sent to MS Teams?

Yes, you can use YAML or a Python script to format messages and embed alert details like rule name, severity, timestamp, and insights.