Skip to main content

Send incidents to Datadog

Note

This procedure uses the alert webhook.

Follow these steps to configure Moogsoft Cloud to send incidents to Datadog. For additional details, refer to the Outbound alert webhooks documentation.

  1. Generate an API key and Application Key in Datadog by following these instructions.

  2. In Moogsoft, navigate to Integrations > Outbound Integrations. Click Alert Webhook, then Add a Webhook.

  3. Fill in the webhook form sections as follows:

    1. Name and Scope:

      • Name the webhook.

      • Add a filter if you choose.

    2. Create Operation and HTTP Configuration:

      • Choose POST as the request method.

      • Set the URL to https://api.datadoghq.com/api/v2/incidents.

      • Leave the authorization as No auth. You will configure authentication in the Headers section.

      • In the Headers section, leave the default values for the Content-Type key and application/json value.

      • Add a header with a key of DD_API_KEY. Under value,  paste your Datadog API key.

      • Add a header with a key of DD_APPLICATION_KEY. Under value, paste your  Datadog application key.

    3. Payload Body for Create Operation:

      • Paste the following payload into the Key/Value Editor:

        {
            "data": {
                "type": "incidents",
                "attributes": {
                    "title": "Issue # $id with severity $severity and description $description",
                    "fields": {
                        "severity": {
                            "value": "$severity"
                        },
                        "summary": {
                            "value": "Issue # $id with severity $severity and description $description"
                        }
                    }
                }
            }
        }  

        Note

        If you want to add a mapping for services, you can edit the payload above. The service values must be set up in the Datadog APM feature and must match the Moogsoft values exactly.

      • Add a type declaration for $severity, with a type of String.

      • Add a custom mapping for $severity as follows:

        Input Value

        Value to Send

        critical

        SEV-1

        major

        SEV-2

        minor

        SEV-3

        warning

        SEV-4

        clear

        SEV-5

    4. Map the Response Payload External Name and ID:

      • Under External Webhook Target, select Datadog.

      • For Attribute Key with the External Name, enter data.attributes.public_id.

      • For Attribute Key with the External ID, enter data.id.

      • For External Link URL, enter https://app.datadoghq.com/incidents/$external_name.

    5. Update Notifications:

      • Optionally, you can configure the webhook to send updates when the severity level of an incident increases or is set to clear. To activate updates, turn on Enable update notifications.

      • For request method, choose Patch.

      • For URL, enter this, replacing the existing entry if necessary: https://api.datadoghq.com/api/v2/incidents/$external_name.

      • For Triggers, select Severity increased.

    6. Payload Body for Update Operation:

      • Repeat the steps for Payload Body for CREATE Operation, including adjusting the payload and mapping the values for $severity.

  4. After you have finished configuring the webhook, click Test in the upper right hand corner. You should see response details and a confirmation that the webhook is working.

  5. Save the webhook.

  6. Verify that the webhook is configured correctly by navigating to Integrations > Ingestion Services > Events API. Click the arrow button below the sample event to send the sample event to Moogsoft.

  7. Navigate to Incidents > Incidents. Click the incident from the sample event and verify that its Incident Details pane has an Outbound tab.

  8. Click the incident number under External Name in the Outbound tab to go to the incident in Datadog. You should also see the test event you sent earlier.