Send alert notifications to Microsoft Teams using Splunk Observability Cloud π
You can configure Splunk Observability Cloud to automatically send alert notifications to a Microsoft Teams channel when a detector alert condition is met and when the alert clears.
To send Observability Cloud alert notifications to Microsoft Teams, complete the following configuration tasks:
Step 1: Get the webhook URL for the Microsoft Team channel
You must be an owner or administrator of the Microsoft Team to complete this task.
Step 2: Create a Microsoft Teams integration in Observability Cloud
You must be an Observability Cloud administrator to complete this task.
Step 3: Add a Microsoft Teams integration as a detector alert recipient in Observability Cloud
For troubleshooting information, see Troubleshooting Microsoft Teams.
Existing Office 365 integrations appear in Observability Cloud within the Microsoft Teams tile.
Step 1: Get the webhook URL for the Microsoft Team channel π
You must be an owner or administrator of the Microsoft Team to complete this task.
To get the webhook URL for the Microsoft Team channel:
Log in to Microsoft Teams and navigate to the list of teams.
Select the team that contains the channel you want to send alert notifications to. Expand the list of channels.
Find and hover over the channel you want to send alert notifications to. Select More options (β¦) and then select Connectors.
Find the Incoming Webhook connector. Select Add. If the connector has already been added to the channel, select Configure.
Enter a descriptive name for the connector.
Select Create. Microsoft Teams generates a webhook URL.
Select the Copy to Clipboard icon to copy the webhook URL for use in Step 2: Create a Microsoft Teams integration in Observability Cloud.
Select Done.
Step 2: Create a Microsoft Teams integration in Observability Cloud π
You must be an Observability Cloud administrator to complete this task.
To create a Microsoft Teams integration in Observability Cloud:
Log in to Splunk Observability Cloud.
Open the Microsoft Teams guided setup . Optionally, you can navigate to the guided setup on your own:
In the left navigation menu, select .
Select Add Integration.
In the integration filter menu, select All.
In the Search field, search for Microsoft Teams, and select it.
Select New Integration to display the configuration options.
By default, the name of the integration is Microsoft Teams. Give your integration a unique and descriptive name. For information about the downstream use of this name, see About naming your integrations.
In the Webhook URL field, paste the webhook URL you copied in Step 1: Get the webhook URL for the Microsoft Team channel. The webhook URL looks similar to this:
https://<tenantName>.webhook.office.com/webhook2/<GroupExternalObjectGuid>@<TenantExternalGuid>/<ProviderName>/<AlternateGuid>/<GroupOwnerExternalObjectGuid>.Save.
If Splunk Observability Cloud can validate the Microsoft Teams webhook URL, a Validated! success message displays. If an error displays instead, make sure that the webhook URL value you entered matches the value displayed in Microsoft Teams in Step 1: Get the webhook URL for the Microsoft Team channel.
Step 3: Add a Microsoft Teams integration as a detector alert recipient in Observability Cloud π
To add a Microsoft Teams integration as a detector alert recipient in Observability Cloud:
Create or edit a detector that you want to configure to send alert notifications using your Microsoft Teams integration.
For more information about working with detectors, see Create detectors to trigger alerts and Subscribe to alerts using the Detector menu.
In the Alert recipients step, select Add Recipient.
Select Microsoft Teams and then select the name of the Microsoft Teams integration you want to use to sends alert notifications. This is the integration name you created in Step 2: Create a Microsoft Teams integration in Observability Cloud.
Activate and save the detector.
Observability Cloud sends an alert notification to the Microsoft Teams channel when the detector triggers an alert and when the alert clears.
Troubleshoot your Microsoft Teams notification service integration π
If the Microsoft Teams channel stops receiving notifications, consider the following troubleshooting tips:
Verify that the Microsoft Teams notification service integration in Observability Cloud still exists. To troubleshoot, complete the following steps. You must be an Observability Cloud administrator to complete these steps.
In the Observability Cloud navigation menu, select Data Management.
In the CATEGORIES menu, select Notification Services.
Select the Microsoft Teams tile.
Find your integration and select to expand it.
Select the Integrations menu and select Validate. If you see an error message, Connector configuration not found, then the Incoming Webhook connector was removed from the Microsoft Teams channel and you must add it back. To do this, see Step 2: Create a Microsoft Teams integration in Observability Cloud.
Verify that the Microsoft Teams notification service integration in Splunk Observability Cloud has not been changed to send alert notifications to a different Microsoft Teams channel.
Verify that the Microsoft Teams notification service integration is still the alert recipient on the detector in Observability Cloud.
Verify that the Observability Cloud detectorβs alert rules have not changed, causing it to send alert notifications for different reasons.