Skip to main content

Workflow action reference

The Workflow Engine lets you process your monitoring data with configurable actions which operate in sequence. You can parse hostnames and other fields to normalize your data, enrich your data with configuration information, filter and drop events, and change service and severity information, among other possibilities.

The Workflow Engine allows you to conditionally run actions against events or incidents. Most event workflows involve transforming the data in some way (example: conditionally setting a severity, or parsing fields to normalize data), while incident workflows are primarily used to route data (example: assigning a incident to a team and sending that to an outbound integration).

Configure workflows by navigating to Correlate & Automate > Workflow Engine. Click the Event Workflows tab to create workflows which process events, or the Incident Workflows tab to create workflows which process incidents.

Additional information

For more information on Workflow Engine and workflows, see also:

Refer to the links under In this section for topics on individual workflow actions.