Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Incident and Responder Alert process is not so clear

Dear all,

We are actually evaluating opsgenie and we face to a question related to Incident and Responder alert.

We notice that when an incident is created from incident rules, it does different things :

  • Create the incident
  • Associate the root alert to the incident
  • Create a responder Alert matching the root alert which cause the incident

Now we need at this stage to handle the incident from our team and we do not catch from documentation the correct process .

For instance we understand that the Alert responder is the entry point where people will work on to solve the incident. 

So the scenario is as below :

  1. On personn from our team ACK the reposnder alert
  2. That person became the owner of the alert
  3. That person add some notes on his investigation of the incident. During that time the status of the incident is still OPEN
  4. Then the person decide to close the alert based on the investigation done

Closing the Alert do not close the incident which remains open.

Question 1 :
Does the Responder Alert is the correct working source for the team or does it need to work from incident directly ?

Question 2 :
Is there any sync on Status between incident and Responder Alert. What I means is that if we close the incident, does the Alert is closed automatically or status handling need to be done independently on incident and Alert

Thanks for clarification

1 answer

0 votes
Samir Atlassian Team Jun 24, 2021

Hi @serge calderara 

 

Taking action on the responder alert (i.e. acknowledge responder alert) does not update the incident itself. However, it does work the other way, i.e. resolving the incident, will acknowledge the responder alert(s) for that incident. And closing the incident, will close the responder alert(s).

 

Thanks,

Samir

hello @Samir , so what is the proper way to work on an incident ?

Should team works on the Reporter Alert or should it work on the Incident itself ?

Samir Atlassian Team Jun 24, 2021

There isn't a "right" vs "wrong" way necessarily. If you want to stop the responder alert from escalating so it doesn't continue notifying, then you would want to acknowledge the responder alert.

 

Otherwise, you can just take action on the incident itself, and that will update the responder alert(s).

Hello @Samir , I notice one strange things if we work on Incident details :

1 - There is not place to add notes ?

2 - We notice a button call INVESTIGATE but it is necessary to connect to a CI/CD why ? There is no way to have an invesigation without CI CD especially if the incident is from a network issue for instance ?

Regards

Samir Atlassian Team Jun 29, 2021

Hi @serge calderara ,

 

Yes - there are no notes on incidents, you can add entries to the incident timeline.

 

And connecting a CI/CD is required for incident investigation, because the incident investigation feature is what allows you to pull in past deployments from your CI/CD tool that could have been a potential cause of the incident.

https://support.atlassian.com/opsgenie/docs/investigate-an-incident/

 

So without connecting a CI/CD tool, there would be no use of the incident investigation feature.

hi @Samir  thanks for your reply

This is not a logical approach that for Incident investigation you need to have a CI/CD.

The resaon for that is that incident does not necessary comes from a software deployement .

From our integration with dynatrace for instance, we would like to start an investigation on the incident which is pure an infrastruture case for which we absolutly do not need any CI/CD.

How this can be done from Incident in that case?

regarsd

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Opsgenie

Leveraging Atlassian’s Opsgenie and AWS Cloudformation Registry to stay ahead of incidents

In the past, managing IT infrastructure was a hard job. It required a lot of manual effort and it was hard to keep track of all the necessary information (monitoring, scalability etc). Thankfully, as...

890 views 0 7
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you