How to Best Use Alert Activity Logs in Opsgenie

Opsgenie’s alert activity logs are a powerful tool for tracking the lifecycle of an alert from creation to closure. By understanding how to use these logs effectively, you can debug issues with your alerts and ensure smooth incident management. Here’s a guide on how to best utilize the alert activity logs in Opsgenie.

Understanding the Activity Log

The activity log in Opsgenie provides a historical view of everything that has happened to an alert. This includes its creation, notifications sent, actions taken by users, and any changes in its status. Let’s break down how to use this feature effectively.

Tracking Alert Creation

When an alert is created, you can see the initial entry in the activity log. For example, if an alert is created via an email integration, the log entry might look like this:

Alert created via Email [TEST_Email-Create Alert] with incomingDataId [XXXXX] with tiny id [XX] id [XXXXXX]

This entry provides crucial information such as the integration name, incoming data ID, and alert ID. These details can be used for further investigation in the system logs.

Monitoring Notification Event

To understand how notifications are sent, examine the notification log entries. For instance, if a recipient was added based on a responder team and their routing rule, the log might show:

Added as recipient due to team [JSM Team via routing rule (Default Routing Rule)] >> esc [JSM Team_escalation] >> sch [JSM Team_schedule]

This helps in identifying how and why a user received a notification. If a user did not receive an expected notification, reviewing the team’s configuration and routing rules can provide insights.

Example Scenario

Consider an alert created through an email integration. By checking the activity log, you can see the alert’s creation entry, notification events, and any actions taken by users. This historical view helps in understanding the alert’s lifecycle and identifying any issues that need to be addressed.

Debugging Issues with Notifications

If you encounter issues where users are not receiving notifications, the activity log can be a starting point. Check the log entries to see if the notifications were triggered and routed correctly. Additionally, remember that if a team member views an alert via the mobile app, they will be added to the alert and receive notifications such as acknowledgments and closures.

Using System Logs for Detailed Investigation

The alert activity log serves as a useful starting point, but for more detailed information, you can interrogate the system logs. Navigate to Settings > Logs in Opsgenie to access these logs. Use the incoming data ID found in the alert activity logs to search for detailed payloads and configuration changes.

Conclusion

The alert activity log in Opsgenie is an essential tool for tracking and debugging alerts. By understanding how to read and use these logs, you can ensure that your incident management process runs smoothly and efficiently. For more detailed investigations, leverage the system logs to get a comprehensive view of the alert’s lifecycle.

For further reading, you can explore the following resources:

• https://support.atlassian.com/opsgenie/docs/alert-creation-flow/
• https://support.atlassian.com/opsgenie/docs/alert-notifications-flow/