Community
Products
Opsgenie
Questions
Create an incident based on multiple alerts

Create an incident based on multiple alerts

Hello,

Suppose that in my team we get alerts that look like this:

=======

Alert:

User has encountered a problem in prod env.

User: sampleuser

=======

I would like to automatically create an incident based on alerts from at least 3 different users.

How can I achieve such a behavior?

1 answer

1 accepted

0 votes

Answer accepted

@ronyut if you have a plan that includes use of an OEC (Opsgenie Edge Connector) this shouldn't be too hard:

Have these alerts trigger an OEC script that searches for other, similar open alerts. Collect the users and do a sort -unique to see how many different users have had alerts generated. If the count is 3 or more, create an incident.

You could create the incident via the API, directly from the OEC script, but I don't believe you can currently associate alerts to an incident via the API. One way to get around this would be to just set a unique tag on one of the alerts, then add an incident creation rule that looks for that tag and creates the incident from that alert.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Suggest an answer

Was this helpful?

Thanks!

Opsgenie

DEPLOYMENT TYPE

CLOUD

Products

Community resources

Support

Top groups

Community resources

Support

Learn

Community resources

Support

Events

Community resources

Support

Get product advice from experts

Join a community group

Advance your career with learning paths

Earn badges and rewards

Connect and share ideas at events

Create an incident based on multiple alerts