Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Incident Rules are not triggering for Alerts when created

Ste404
Ste404
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
August 22, 2022

Hi there,

Just working through Opsgenie to get a better understanding of it and am stuck with Incident Rules.

I have alerts coming through for the Billing Service when I create an issue in JSM, works well.

I have a pretty wide Incident Rule in place to just use as a trigger to see it in action, but it won't fire.

Capture.JPG

As far as I can understand shouldn't this just create an incident based on any Alert coming in for the impacted service of Billing.  I expected it to create a P3 alert with the information in the relevant fields.

I have added other rules to look for specific Status or words also but nothing is firing.

Is there something specific I should be looking at to get this up and running.

I am the admin of the team that is bound to the Billing service and is added as responders to the issue also.

Thanks

 

 

 

Answer
Watch
Like Be the first to like this
632 views

1 answer

0 votes
Nick H
Nick H
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
August 23, 2022

Hi @Ste404 ,

A few things to check with your current configuration. 

1 - Make sure that the JSM issues are sending to the same team that has this incident rule configured. Incidents rules are only reviewed when an alert is sent to the same team.

 

2 - If above is true, review if the alert(s) are associating with an existing incidents. 

I'm sure the idea with your configuration is to have each JSM issue create a new incident. But realistically what would happen is one JSM issue would create an incident. If the incident remains opens, and more issues are created, they'd be associated to the existing incident.

It's not possible with that filter to have each issue (or alert) create its own incident. We have a feature request for this you can follow, watch and vote for here: https://jira.atlassian.com/browse/OPSGENIE-73

 

An easy way of checking whether or not the issues / alerts are associating to an incident is in the Alerts tab, or under any existing incidents:

assoc1.jpg

assoc2.jpg

View More Comments
Ste404
Ste404
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
August 23, 2022

My theory was that when alerts arrived and they would meet certain conditions (i.e. SMS Gateway as the service and P2 or above then an incident would be created based on the constructed incident rule.  I can't get the rule to fire with the Match All let alone anything specific in the matching conditions.

It is not a incident per every alert, I was testing from what I thought was the most wide spread angle possible.

My alerts come in from JSM with the correct team bound to the Service that was selected from Insight, just not sure why the incidents are not firing.

I'll dig deeper.

Like
Nick H
Nick H
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
August 23, 2022

Hi @Ste404 ,

You're theory is correct, and I'm not entirely sure why an incident is not being created when you have the incident rule's filter set to match all alerts.

Here is a test to show what should happen when an incident rule is set to match all alerts:

ir1.jpg

 

JSM issue creates Opsgenie alert:

ir2.jpg

 

Opsgenie alert is automated into an incident:ir3.jpg

Like
Ste404
Ste404
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
August 23, 2022

hey I found something weird.  There is an incident created, I created one to make sure it wasn't permissions and such.

The alert rule is firing but it is associating the alerts with this incident and not creating new incidents.

Not quite how I need this to work?!

Like
Ste404
Ste404
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
August 23, 2022

aaahh the alerts were being picked up by the catch all and being associated with the incident that in place.  I got rid of everything, created two rules that had specific phrases in the Description condition and manually created two alerts and two incidents were created.

I created another alert that met one of the rules description conditions and no new incident was created but it was associated with the incident that the rule was relevant to.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Opsgenie
Opsgenie
TAGS
AUG Leaders

Atlassian Community Events

    See all events