Custom monitoring alerts trigger as expected but don’t display on our visualization dashboard after we updated the alert schema to include additional metadata fields. The alerts are firing correctly in Azure Monitor (we see them in the activity log), but the dashboard widget shows zero active alerts. This is breaking our incident response workflow since the operations team relies on dashboard visibility.
We added three custom fields to the alert schema: deviceGroup, severity_level, and correlationId. Standard alerts with the default schema still appear fine. The dashboard widget setup hasn’t changed, so we suspect the custom alert schema isn’t being properly consumed by the visualization layer. Event correlation between related alerts is also failing now. Anyone experienced issues with alert stream configuration after schema modifications?
The dashboard alert widget expects a specific schema structure. When you add custom fields, you need to update the widget’s field mapping configuration. Check your dashboard JSON config for the alert widget - there should be a fieldMappings section where you map your custom fields to the widget’s expected properties.
Found the fieldMappings section but it only has entries for standard fields like severity, timestamp, and description. Do I need to explicitly map every custom field, or should the widget handle them automatically? Also, where exactly is the schema validator configuration in Alert Processing Rules? I don’t see an obvious place to modify allowed schemas.
The event correlation failure is likely because correlationId is a reserved field name in Azure Monitor’s correlation engine. Try renaming it to customCorrelationId or alertGroupId. As for the dashboard, you need to explicitly enable custom schema support in the widget properties. Set allowCustomFields: true and the widget will pass through unknown fields to the display layer.
Check your alert action group configuration. When you modified the schema, did you update the webhook payload template? The dashboard widget receives alerts through the action group webhook, and if the payload doesn’t match what the widget expects, it silently drops the alert. You need to ensure your custom fields are included in the webhook JSON payload and properly formatted.
Your issue involves multiple configuration layers that need to align. Here’s the comprehensive fix:
Alert Stream Configuration: The stream processor validates incoming alert schemas. Navigate to Azure Monitor > Diagnostic Settings > Alert Stream, and update the schema definition to include your custom fields. Add this to the allowed properties:
deviceGroup: string
severity_level: integer
customCorrelationId: string
Note: Rename correlationId to avoid conflicts with Azure’s built-in correlation system.
Dashboard Widget Setup: Update your alert widget configuration with explicit field mappings. In your dashboard JSON, modify the alert widget config:
"fieldMappings": {
"severity": "severity_level",
"group": "deviceGroup",
"correlation": "customCorrelationId"
}
Also set "allowCustomFields": true and "strictSchemaValidation": false to enable flexible schema handling.
Custom Alert Schema: Verify your alert rule’s action group webhook payload includes all custom fields. Edit the webhook payload template to ensure proper JSON structure. The payload must nest custom fields under a “customDimensions” object for the dashboard to parse them correctly.
Event Correlation: Implement custom correlation logic since you can’t use the reserved correlationId field. Configure correlation rules in Azure Monitor to group related alerts using your customCorrelationId field. Create a new correlation rule set that matches on deviceGroup AND customCorrelationId to link related incidents.
After updating these configurations, restart the alert stream processor (toggle the diagnostic setting off/on) and refresh your dashboard cache. Test with a sample alert to verify the custom fields appear correctly. The key is maintaining schema consistency across the entire alert pipeline - from generation through streaming to visualization.
I’ve seen this before. The alert stream configuration uses a schema validator that rejects messages with unexpected fields by default. You need to update the stream processor to allow your custom schema. Go to Azure Monitor > Alert Processing Rules and add your custom fields to the allowed schema definition. Also check if your correlationId field is conflicting with the built-in correlation mechanism.