Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Is it possible to trigger an 'action' on Incident creation?

Rodolfo
Rodolfo February 3, 2022

For example, I want to send a message to Slack when an incident is created.

I know the integrations and actions are based on alerts, not incidents. So I was thinking to set up a Webhook outgoing integration when an alert is created and it has the incident-id extra property set, but this condition would match for all responder alerts and I would get multiple Slack messages for the same incident.

Any idea or suggestion?

Thanks

Answer
Watch
Like Be the first to like this
499 views

1 answer

1 accepted

0 votes
Answer accepted
John M
John M
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
February 3, 2022

Hi Rodolfo,

We actually have a completely separate Slack integration just for Incidents. You can find it in the Slack menu item under the Integrations section.

Image 2-3-2022 at 6.16 PM.jpg

View More Comments
Rodolfo
Rodolfo February 4, 2022

@John M Thanks for your answer.

 

Yes, I am aware of the Slack integration for alerting and Slack integration for incident management.

The Slack integration for incident management is great to execute incident actions from Slack, and it works great! But I am looking for a way to send a message to Slack when an Incident is created (no matter the source: integration, manual creation, incident rule).

As I said, I was thinking of an outgoing integration (e.g. Webhook => Slack, AWS SNS outgoing => Lambda => Slack) when an alert is created and it has the extra property `incident-id`, but I would get multiple messages if there is more than one alert for an incident (i.e. more than one Responder).

I could program the logic in the program that sends the message to Slack to identify if a previous message has been sent for a specific incident-id, but I feel there should be an easier way to do what I want.

For example, the Zendesk integration has an option "From an Opsgenie incident, create a Zendesk Ticket.". I am looking for an 'easy' way for "From an Opsgenie incident, send a message to Slack."

Zendesk_integration_screenshot_2022-02-04_09-49-46.png

Like
John M
John M
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
February 4, 2022

The best way to trigger outbound integrations for incidents is to key in on the incident-alert-type field being 'Owner'.

If the incident has a service, the team that owns that service will get an 'Owner' responder alert created, so there should only be one alert and you would avoid the multiple alerts/slack messages issue.

You can filter on a the slack for alerts integration like this:

image (4).png

Like
Rodolfo
Rodolfo February 4, 2022

Thanks @John M!

What about incidents that are not associated to a service? 

Like
John M
John M
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
February 4, 2022

You can try using incident-alert-type = responder, but if you are using any services and those services have multiple responders on that services you will be back to the same issue of multiple alerts sending to slack. 

You could also try setting up a dummy team and assigning that team to the Slack integration to limit the number of slack messages to 1. But you would also need to add a policy to add that team to all alerts, and if you were manually creating an incident you would need to manually add that team to the incident. 

Like
Reply

Suggest an answer

Log in or Sign up to answer
Opsgenie
Opsgenie
TAGS
AUG Leaders

Atlassian Community Events

    See all events