AlertOps and BigPanda

AlertOps’ alert management system can be integrated with BigPanda to receive and respond to critical alerts/incidents through email, SMS, push notification or phone alerts. AlertOps ensures that each alert reaches the appropriate team by using proper workflows, escalation policies and schedules. Based on your ruleset, incidents can be automatically opened and closed, depending on whether BigPanda reports a problem or a recovery.

BigPanda can be used to create incidents in AlertOps, based on high-level incidents that are smartly aggregated and correlated from the flood of alerts. We can save time, reduce mistakes, and ensure the entire group/team has a real-time synced view of what is happening within BigPanda.

This integration is possible because AlertOps has a very flexible and simple API/Webhook configuration feature that can be combined with BigPanda’s incident correlation and sharing/API capabilities. Incidents can be shared to AlertOps for specific trigger conditions, such as when an alert status has changed, when the acknowledged value has changed, or when an incident enters a flapping/snooze state.

AlertOps - Inbound Integrations

You can define rulesets in AlertOps so that BigPanda can send notifications to the AlertOps platform. Based on the notifications received, AlertOps ensures that each one always reaches and is assigned to the correct person/team by using its escalation policies, schedules, and workflow features.

AlertOps provides Inbound Integrations to integrate with numerous monitoring, chat and ITSM tools. You can configure an inbound integration for BigPanda incidents.

At a high level, the flow looks like this: you define an API integration in the AlertOps platform by specifying settings such as the integration name, escalation rules, and recipient users/groups. Once an integration is defined, a unique API URL is generated. This acts as the webhook, or gateway, through which notifications from BigPanda reach AlertOps, where a corresponding incident/alert is created. The API can be defined with various settings like URL mappings, filters, escalations etc. as required. BigPanda must in turn be configured with an integration and a sharing option to send incidents to AlertOps.

To configure a BigPanda API Integration in AlertOps:

  • In the menu on the left pane, select Integrations > Inbound Integrations > Add API Integration.

  • There are numerous integration options available in AlertOps; select BigPanda.

  • You can then specify basic settings like the integration name, the escalation policy, and the names of the recipients/groups to which the alerts must be assigned.

  • On clicking SAVE, the API Integration will be created, and you will be given a unique URL which acts as the access point and needs to be configured at the source (in this case BigPanda) to send alerts. You can then open the integration you just created to set advanced settings and define various configurations for how alerts are received and processed. For example, you can define when to open and close alerts based on the response obtained from the API call, filters etc.

  • Make a note of the API URL, which will be used in BigPanda so that it sends an HTTP POST request to this URL with a JSON body containing the alert-specific information. AlertOps automatically creates an alert when the status variable (incident^status) contains the values specified below (as per the definition in the screenshot above). The incident will also be closed automatically when the status ‘Ok’ is received.

  • You can similarly define URL mappings as you want, owing to the flexibility provided by AlertOps’ Open API integrations. You can provide other filters and match with regular expressions as well. You can also test the generated URL.

Configuration of BigPanda for AlertOps Integration

  • Log in to your BigPanda portal and select ‘Integrations’ in the top tab.

  • Click on New Integration > Select Webhook Integration.

  • In the first step, give an integration name and generate an App Key.

  • In the second step, give the Callback URL as the API URL which you configured in your inbound integration.

To create an AutoShare configuration that shares incident updates through your channel:

  • In the top right corner, select the Settings icon, then select AutoShare. You have to create a rule to automatically share or receive notifications about new incidents in an environment.

  • Select the option “+Create AutoShare”

  • Under Environment – choose ‘All’ (you can choose this as per your actual BigPanda setup), and under ‘Escalate Via’ select the Webhook Integration which you defined in the previous step.

  • Click Next. You can enter a message to be sent through this AutoShare option (something like “AlertOps-BigPanda Incident: <>”), then click Create. Make sure the ‘Active’ state is toggled on.

That’s it! You have created an integration with AlertOps and enabled AutoShare, so that incident change updates are sent to AlertOps for advanced incident management.

Message logs and alert-specific information can be viewed in the “Inbound Log” section in AlertOps. Alerts can be viewed in the ‘Alerts’ tab as well.

Alert Triggering Information:

AlertOps will automatically create an incident when a new alert is received from BigPanda and the incident^status field contains “Critical/Warning/Unknown”.

If an alert with status “Critical/Warning/Unknown” matches an existing Open Alert, AlertOps will recognize the new alert as a duplicate and ignore the alert. The alert will be recorded in the Inbound Messages table as “Mapped Appended.”

AlertOps will automatically close the same incident when an alert is received whose status contains “Ok”.
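
The triggering rules above, modeled as an added Python example (not AlertOps or BigPanda code) that predicts what the Inbound Log should show for a sequence of messages. The payload shape, the reading of `^` as a nested-key separator, and `incident^id` as the matching field are assumptions; only `incident^status` and the status values come from this page.

```python
OPEN_VALUES = ("Critical", "Warning", "Unknown")   # from the page
CLOSE_VALUES = ("Ok",)                              # from the page

def resolve(payload, path, sep="^"):
    """Walk a nested dict with a path such as incident^status (separator assumed)."""
    node = payload
    for key in path.split(sep):
        if not isinstance(node, dict) or key not in node:
            return None
        node = node[key]
    return node

class InboundRuleset:
    def __init__(self, status_path="incident^status", id_path="incident^id"):
        self.status_path = status_path
        self.id_path = id_path          # hypothetical matching field
        self.open_alerts = set()        # source ids that currently have an open alert

    def handle(self, payload):
        status = resolve(payload, self.status_path)
        source_id = resolve(payload, self.id_path)
        if not isinstance(status, str) or source_id is None:
            return "rejected"           # malformed message, nothing to map
        if any(v in status for v in OPEN_VALUES):
            if source_id in self.open_alerts:
                return "mapped_appended"    # duplicate of an open alert
            self.open_alerts.add(source_id)
            return "opened"
        if any(v in status for v in CLOSE_VALUES):
            if source_id in self.open_alerts:
                self.open_alerts.remove(source_id)
                return "closed"
            return "no_open_alert"      # assumption: the page does not cover this case
        return "no_rule_matched"

def replay(messages):
    rules = InboundRuleset()
    return [rules.handle(m) for m in messages]

# Constructed sample messages (not real BigPanda payloads)
SAMPLE = [
    {"incident": {"id": "bp-1", "status": "Critical"}},
    {"incident": {"id": "bp-1", "status": "Warning"}},
    {"incident": {"id": "bp-2", "status": "Unknown"}},
    {"incident": {"id": "bp-1", "status": "Ok"}},
    {"incident": {"status": "Critical"}},
    {"incident": {"id": "bp-1", "status": "Critical"}},
]
if __name__ == "__main__":
    print(replay(SAMPLE))
```

Comparing the predicted outcomes with the entries in the Inbound Log after sending test messages is a quick way to confirm the ruleset opens, appends and closes as intended.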
