- 12 May 2023
Moogsoft
- Updated on 12 May 2023
AlertOps and Moogsoft
AlertOps’ alert/incident management system can be integrated with Moogsoft to receive and respond to critical alerts/incidents through email, SMS, push notification or phone alerts. AlertOps ensures that each alert reaches the appropriate team by using workflows, escalation policies and schedules. Based on your ruleset, incidents can be automatically opened and closed, depending on whether Moogsoft reports a problem or a recovery.
In general, a monitoring environment can cover tens of thousands of hosts, services and platforms that scale up and down quickly. Customers may not know the relationships between these hosts and services, simply because there are so many. This is where Moogsoft comes into the picture: it “intelligently” correlates incidents, which can then be handled seamlessly in AlertOps. AlertOps and Moogsoft can also work together bidirectionally, owing to AlertOps' flexibility and OpenAPI config/workflow features.
AlertOps Inbound Integrations:
We can define an inbound integration in AlertOps for Moogsoft Incidents. Based on the alerts or incidents received, AlertOps reaches out to and assigns the correct person/team by using its escalation policies, schedules, and workflow features.
AlertOps provides Inbound Integrations to integrate with numerous monitoring, chat and ITSM tools.
- In the menu on the left pane, select Integrations > Inbound Integrations > Add API Integration.
- There are numerous integration options available in AlertOps; select Moogsoft.
- Once you select the type of integration you want, you can specify basic settings such as the integration name, the escalation policy, and the names of the recipients/groups to which the alerts must be assigned.
- Advanced configuration settings can be defined to create specific alerts and incidents for different states received from Moogsoft.
On clicking SAVE, the API Integration is created along with a unique URL, which acts as the access point and needs to be configured at the source (in this case Moogsoft) to send alerts. You can then open the integration you just created and define advanced settings and configurations for how alerts are received and processed. For example, you can define when to open and close alerts based on the response obtained from the API call, filters etc.
In the ‘Advanced Settings’ tab, you can map the payload sent from Moogsoft under the Rules for Opening and Closing an alert. AlertOps gives you the flexibility to map variables coming from Moogsoft how you want. You can also test the integration with sample data.
Configure Integration in Moogsoft
- To send an outbound alert or incident from Moogsoft, define an Outbound Webhook. To create one, in the Integrations pane select ‘Webhook’ in ‘Outbound Integrations’, then ‘Add a Webhook’.
- The next set of steps is self-explanatory. You can select whether you want to send alerts or incidents, and send the data in JSON format populated with fields defined by Moogsoft macros (source, service etc.).
- Make sure you configure it as per the screenshot below, or copy/paste the payload specified below, then save. There is a 'TEST' button, so you can send out a sample incident to AlertOps.
```json
{
  "assignee": "$assignee",
  "classes": "$classes",
  "closed_on": "$closed_on",
  "created_at": "$created_at",
  "description": " $description",
  "first_event_time": "$first_event_time",
  "in_progress_on": "$in_progress_on",
  "incident_id": "$incident_id",
  "last_event_time": "$last_event_time",
  "last_state_change": "$last_state_change",
  "resolved_on": "$resolved_on",
  "services": "$services",
  "severity": "$severity",
  "status": "$status",
  "superseded_by": "$superseded_by",
  "tags": "$tags",
  "total_alerts": "$total_alerts"
}
```
You have now configured an integration for Moogsoft Incidents. Any incident in Moogsoft creates an Alert in AlertOps for incident management, which can be found under "Inbound Logs"/"Alerts" in the AlertOps environment.
Alert Triggering Information
AlertOps will automatically create an incident when a new alert is received from Moogsoft whose status field contains “open”, “in progress” or “error”.
If an alert with status “open”, “in progress” or “error” matches an existing Open Alert, AlertOps will recognize the new alert as a duplicate and ignore it. The alert will be recorded in the Inbound Messages table as “Mapped Appended.”
AlertOps will automatically close the same incident when an alert is received whose message contains “resolved” or “closed”.
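The open, duplicate and close rules above, replayed over constructed Moogsoft payloads, as an added example (not AlertOps or Moogsoft code). It assumes alerts are matched on `incident_id`, that keyword matching is case-insensitive, and that the close keywords are read from the `status` field; the page does not specify these details.

```python
# Added illustration of the triggering rules; not AlertOps code.
# Assumptions: matching key is incident_id, matching is case-insensitive,
# and the close keywords are looked up in the "status" field.
OPEN_WORDS = ("open", "in progress", "error")
CLOSE_WORDS = ("resolved", "closed")


def route(payload, open_alerts):
    """Decide what happens to one inbound payload.

    open_alerts is the set of incident_ids that currently have an open
    alert; it is updated in place.
    """
    status = str(payload.get("status", "")).lower()
    key = payload.get("incident_id")
    if any(word in status for word in CLOSE_WORDS):
        if key in open_alerts:
            open_alerts.discard(key)
            return "closed"
        return "ignored"  # assumption: nothing open, so nothing to close
    if any(word in status for word in OPEN_WORDS):
        if key in open_alerts:
            return "mapped appended"  # duplicate of an existing open alert
        open_alerts.add(key)
        return "opened"
    return "ignored"  # status matches neither rule


def replay(payloads):
    """Run a sequence of payloads through the rules, in arrival order."""
    open_alerts = set()
    return [route(p, open_alerts) for p in payloads]


# Constructed sample payloads (only the fields the rules read).
SAMPLE = [
    {"incident_id": "101", "status": "open", "severity": "critical"},
    {"incident_id": "101", "status": "in progress", "severity": "critical"},
    {"incident_id": "102", "status": "error", "severity": "major"},
    {"incident_id": "101", "status": "resolved", "severity": "clear"},
    {"incident_id": "101", "status": "open", "severity": "critical"},
    {"incident_id": "103", "status": "superseded", "severity": "minor"},
]

if __name__ == "__main__":
    for payload, action in zip(SAMPLE, replay(SAMPLE)):
        print(payload["incident_id"], payload["status"], "->", action)
```

Replaying a captured sequence this way before changing the open/close mapping shows which incoming states would be silently dropped as duplicates or left unmatched.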