Hi,
I'm trying to create a global policy so that when an incident is created within OpsGenie another team should have an alert generated, or be notified in some way.
From investigating, it looks like when an incident is created an alert is autogenerated for the incidents owning team that corresponds to this - looking at these alerts, I can see some commonality that is unique to them, such as 'Incident-id' fields in the extra properties fields, which seem to be good options to use to trigger the policy.
From testing however we seem to be running into issues with doing things this way.
It seems that irrespective of what option we set for the condition - ie message, description etc this seems to never trigger.
Has anyone been able to set something like this up and if so how did you go about it?
I'm trying to avoid enforcing how incidents should be raised, since this goes against our normal approach of letting teams work in the best ways for them hence the use of global policies and trying to use what OpsGenie auto fills on alerts generated by incident creation, rather than forcing the use of tags etc.
You can definitely use global policies to pull this off. You will want to use the responder alert or the owner-type alerts to key off within the policy. Here is an example video I put together showing this in action: https://app.screencast.com/5QmvchVRuUzHh
Please do let me know if you have any questions or need some clarifications on anything in the video Darren
Thanks Chris,
Thats incredibly helpful. I'd actually just configured something using that very key-value string earlier this morning while poking around with it again. So its great to have confirmation that this was the right course to take.
Will let you know if we have any issues with this.
Thanks again :)
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hey @Chris DeGidio we've tested implementing this with one or two minor additions based on some different values we've seen thrown up by alerts for the key-value, however this only seems to trigger when manually creating incidents. We have some incident rulings that sometimes auto generate incidents too, which seem to be missed by this config - having checked the key-values we're tracking, they look to match what the ruling has set up.
Any ideas why this may not be working for incident ruling generated incidents?
This is the policy we have set upAnd the tracked key-values form the alert that was generated by the incident created by the incident ruling, showing they match what the policy is tracking against. Thanks.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi @Darren_Burrows I have used global policies such that when an alert (levels P1 to P3) from external sources are created within OpsGenie, an additional team, Team B, would have an alert notification. This was done by modifying the alert where the responder field also contained Team B in addition to Team A. If there was another method, I am keen to know too.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
We’ve actually got it working per Chris’s instructions above. Every incident we have that comes in will now create an additional alert for the specific responder team we have set up in the global policy. You can also set this to send an alert to individual users too.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.