Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

How does an Integration's "Close Alert" action work?

Jonathan Ballet March 4, 2021

Hello,

I was trying to find a way to automatically close some alerts that are sent to our account "Default API": these alerts are correctly coming on this endpoint and I know how to create the appropriate filters, but then I struggle how the actions of the integration are supposed to work:

From "Integrations Framework - Action Processing" documentation:

  • Ignore: "the webhook data [...] will be ignored completely" This one is pretty clear.
  • Create Alert: If data hasn't been ignored by the previous action, this action will create new alerts. Depending on the filters specified, the actual content of the alert can be customized. Do I understand correctly?

Then, for the last 3 "Acknowledge Alert", "Add Note", "Close Alert", I'm not sure how to understand them. There's this notion of "alias", which I guess is this kind of "global identifier" that was set when the alter was created just before.

But then, I don't understand how these actions are triggered. By default, their filter is "Match all alerts" but I didn't see my alerts being closed, acknowledged or having a note added automatically. I'm a bit lost on how I should understand / configure these :)

Ultimately, I tried to configure a new "Close" action which filters match the fields of the alert I wanted to automatically close, but it didn't work at all. I suppose, as this was a brand new alert, it didn't have this "alias", and only the "Create" action was executed, but then I'm not sure how to execute the other actions...

Some help / clarification would be greatly appreciated!

1 answer

0 votes
connor mcguane March 5, 2021

So what might be happening is all of your alerts are matching the Create Alert action in your Default API.  I would try make sure that your Create and Close have mutually exclusive filters.

Also, can you explain more on what data is coming in that says "close this alert".  Im sure its something in the pay load like a flag or keyword.

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
PERMISSIONS LEVEL
Product Admin
TAGS
AUG Leaders

Atlassian Community Events