Email Integrations define the processing rules for creating AlertOps alerts from inbound emails.

Advanced Email – Open, Close and Deduplicate Alerts

You can set an advanced email integration to when an alert is opened or closed, and also to filter out duplicate alerts and reduce noise..

  • Enter a mailbox name (note: you can share email boxes between integrations).
  • Enter a unique name for this integration.
  • Select a Message Rule.
  • Enter Recipient User(s) or Recipient Group(s) that will receive alerts.
  • Set the Every Incoming Email Will Open An Alert to Off.

Next, configure the rules.

Example: Nagios Email Alerts

This example will be based on Nagios email alerts.

We will map the incoming alerts based on the subject and body structure of the Nagios example.

Matching alerts

The Source Name and Source Identifier are used to match one alert to another, such as an alert to OPEN an alert and an alert to CLOSE an alert.

You can extract the Source Name and Source Identifier from either the subject or the body of the email.

In this example, we will extract both from the body.

The Source Name will be the Service, which we will extract from the body between the Service: and Host: text.

The Source Identifier will be the Host, which we extract between Host: and Address: tags.

Next, we will set the commands that control when an alert will be opened or closed.

We will use the subject, and an alert will be opened whenever the subject contains PROBLEM.

An alert will be closed whenever the subject contains RECOVERY.

You can enter multiple values for Open Alert When and Close Alert When commands.

An alert will be updated when the subject contains UPDATE.

Update Alert commands tell AlertOps to process updates as additional messages, which are attached to the alert as messages, but do not create additional alerts.

The Ignore Duplicates function is deprecated, and is available only for backward compatibility.

Additional Alert Field Mapping

Additional Settings exist form mapping  additional fields.

Long Text is used as the default message body in Mobile, Email and SMS notifications.

Short Text is used as the default message body in Voice notifications.

The Source URL allows you to send a URL from the alert source.

You can assign the alert owner using their official email. The Assignee Mail must match an AlertOps’ User Official Email.

You can assign the Recipient User. The Recipient User must match an AlertOps’ User username.

You can assign the Recipient Group. The Recipient Group must match an AlertOps’ Group name.

You can assign the Topic using the text between two tags in the email body. The Topic must match an AlertOps’ Topic name.

You can send a conference bridge phone number.

You can send a conference bridge access code.

 

Filter Controls

Use Filters to Control whether the incoming alert matches the rule.

All filters must be true in order for the incoming alert to be processed by the rule.

Subject Filters Add Subject filters as logical AND, NOT and OR (AND and NOT unchecked).

Body Filters Add Body filters as logical AND, NOT and OR (AND and NOT unchecked).

Senders / Recipients Filters Add Sender or Recipient filters as logical AND, NOT and OR (AND and NOT unchecked).

Priority Filters Add Email Priority filters as logical AND, NOT and OR (AND and NOT unchecked).

Alert Delaying Options

Delay notifications for alerts received within minute(s) 

After receiving an incoming alert, AlertOps will wait the specified number of minutes and the specified number of alerts have been received before opening an alert.

Delay notifications for alerts received 

After receiving an incoming alert, AlertOps will wait until the specified number of alerts have been received before opening an alert.

Delay notifications for minute(s) 

After receiving an incoming alert, AlertOps will wait the specified number of minutes been received before opening an alert.

Delay notifications until support hours begin 

If an incoming alert is received outside of support hours, AlertOps will wait until the next support hours shift begins before opening an alert.

Did this answer your question?