AlertOps Integration
This is a reference for the AlertOps UI integration.
This integration enables bidirectional communication with an external AlertOps instance:
Creates new AlertOps alerts from Situations
Passes Situation updates to AlertsOps:
Situation collaboration thread entries added as replies to the AlertOps alert
Teams added to a Situation can be used to assign new Recipient Groups in AlertOps
Situation moderator can be used to assign the AlertOps alert to a corresponding AlertOps user
Updates can be forwarded to AlertOps on Situation changes
Resolving the Situation closes the corresponding AlertOps alert
Handles notifications back from AlertOps
Receives a callback with the AlertOps alert id when a new alert is created
Closes the Situation when the AlertOps alert closes
Adds a Situation collaboration thread entry when a reply is added to an AlertOps alert
Acknowledges the Situation and adds a collaboration thread entry when the AlertOps alert is assigned to a user
Before you begin
Before you start to set up your integration, ensure you have met the following requirements:
An AlertOps integration APIKey
The AlertOps notify and api base URLs, if different from the defaults
The Source and Source Name to use with the integration
A new graze API user to use with the integration to enable acknowledgment of Situations when the alert is assigned in AlertOps
Details of AlertOps users and Recipient groups you wish to map from Moogsoft Onprem users and teams
The Source and Source Name should match values used in the AlertOps Inbound integration. The notify and api base URLs and the APIKey can be obtained from the AlertOps instance.
Configure the AlertOps Integration in Moogsoft Onprem
Note
Refer to https://help.alertops.com/en/ for additional configuration information.
To configure the AlertOps integration in Moogsoft Onprem:
Navigate to the Integrations tab.
In the Ticketing section, click AlertOps.
Provide a unique integration name. You can use the default name or customize the name according to your needs.
Provide a unique Instance Name. This name is used at the Source Name in AlertOps. You can add additional instances using the Add Instance button.
Add the AlertOps APIKey and update the Integration User Name and Source as required.
Make sure that the Base Notify URL and Base API URL in the “AlertOps Endpoints” setting matches correct values for the AlertOps instance. The default values should work for most SaaS instances.
Confirm to save the setting and enable the integration.
The integration deploys a number of Integration Workflow Engine workflow to enable bidirectional communication with AlertOps. These are disabled initially.
You must also configure the AlertOps instance to handle the interaction with Moogsoft Onprem. Refer to the following section for detailed information.
See AlertOps Workflow for details of the workflow and usage of the integration.
Configure AlertOps
To enable the integration, you must also configure AlertOpt to handle the incoming request from Moogsoft Onprem and to trigger notifications back. These details are fully documented by AlertOps but are also captured here for reference.
1. Create new Custom Alert Fields
From Administration > Custom Alert Fields, click Add Alert Type to create a new Alert Type:
Alert Type: Moogsoft Alert
Group | Alert Fields | Data Type |
|---|---|---|
Moogsoft | ai_aiops_instance | ShortString |
Moogsoft | ai_description | LongString |
Moogsoft | ai_last_event_time | Numeric |
Moogsoft | ai_last_state_change | Numeric |
Moogsoft | ai_severity | ShortString |
Moogsoft | ai_sitn_id | Numeric |
Moogsoft | ai_sitn_url | LongString |
Moogsoft | ai_status | ShortString |
Moogsoft | ai_total_alerts | Numeric |
These are the basic fields required by the integration and can be extended but should be removed.
2. Create an Escalation Rule
If required, create a new Escalation Rule by navigating to Escalation Rules and then clicking Add Escalation Rule. If a suitable escalation rule exists, use it in the following steps.
The Escalation Rule must use the new Alert Type, created above. This is updated on the “Options” tab of the Escalation Rule.
3. Create a new Inbound Integration
Navigate to Integrations > Inbound Integrations, click Add API Integration and then click the Custom tile to open the dialog for a new custom integration. On the “Basic Settings” tab, add an Integration Name, select the Escalation Rule and check the Enabled checkbox.
URL Mapping
On the “Advanced Settings” tab, click URL Mapping and add the following:
Option | Value | Comments |
|---|---|---|
Short Text | <description> | If additional fields are added to Situations, they can be used here. |
Subject Text | <description> | If additional fields are added to Situations, they can be used here. |
Source Name | aiops_instance | Populated with the AlterOps integration instance name. Uncheck the the Static checkbox alongside the “Source Name” option. |
Source | Moogsoft | Must match the “Source” entered into the Moogsoft Onprem AlertOps Integration tile. |
Long Text | <description> | If additional fields are added to Situations, they can be used here. |
Method | POST | |
Source ID | sitn_id | |
Source URL | sitn_url | |
Source Status | status | |
Open Alert When | Contains Any [“Opened”] | |
Close Alert When | Contains Any [“Closed”, “Resolved”] | |
Update Alert When |
Advanced Mapping
Next, click Advanced Mapping. Populate the Custom Alert Fields from the inbound integration by entering the following:
Option | Value |
|---|---|
ai_sitn_id | sitn_id |
ai_last_event_time | last_event_time |
ai_severity | severity |
ai_total_alerts | total_alerts |
ai_last_state_change | last_state_change |
ai_aiops_instance | aiops_instance |
ai_description | description |
ai_status | status |
ai_sitn_url | sitn_url |
A default Recipient Group can be set here but the Dynamic Recipient Group section can be used for more fine grained control of recipients.
Dynamic Recipient Groups
On the “Dynamic Recipient Groups” you can map incoming Moogsoft Onprem team names to AlertOps Recipient Group.
These teams are those added to a Situation when the Situation is forwarded to AlertOps and are populated into a list in the “teams” field of the AlertOps inbound integration. You can add conditions to teams assigned to AlertOps Recipient groups based on the names of the Moogsoft Onprem teams listed in the “teams” field.
4. Add methods to the Outbound Integrations
Navigate to Integrations > Outbound Integrations, click Add Outbound Integration to open the “Outbound Integration Detail” dialog, and then enter the following:
Option | Value | Comments |
|---|---|---|
Password | The password for the Moogsoft Onprem Graze user | |
UserName | alertops | A suitable Moogsoft Onprem Graze user |
Integration Name | Moogsoft sendToWorkflow | |
Web Security Type | Basic |
Click Save and Continue to add methods to the outbound integration.
Methods
Add the following methods:
Option | Value | Comments |
|---|---|---|
URI | https://<server base url>//graze/v1/sendToWorkflow | Use the base URL for your Moogsoft Onprem UI instances. |
Name | alertCreated | |
Type | REST | |
Web Method | POST | |
Alert Type | Moogsoft Alert | Matches the Alert Type from step 1. |
Request Type | JSON | |
Response Data Type | JSON |
Request Data:
{
"engine_name": "Situation Integration",
"workflow_name": "Handle AlertOps Response",
"sitn_id": "<<MessageThread.SourceIdentifier>>",
"context": {
"alertops_id": "<<MessageThread.MessageThreadID>>",
"subject": "alertCreated",
"passedInstance": "<<Attribute.ai_aiops_instance>>"
}
}Option | Value | Comments |
|---|---|---|
Name | messageAdded | |
Type | REST | |
Alert Type | Moogsoft | Should match the Alert Type from step 1. |
URI | https://<server base url>//graze/v1/sendToWorkflow | Use the base URL for your Moogsoft Onprem UI instances. |
Request Type | JSON | |
Web Method | POST | |
Response Data Type | JSON |
{
"engine_name": "Situation Integration",
"workflow_name": "Handle AlertOps Response",
"sitn_id": "<<MessageThread.SourceIdentifier>>",
"context": {
"subject": "messageAdded",
"message": "<<Message.MessageText>>",
"passedInstance": "<<Attribute.ai_aiops_instance>>"
}
}Option | Value | Comments |
|---|---|---|
Name | sendAssigned | |
Type | REST | |
Alert Type | Moogsoft Alert | Matches the Alert Type from step 1. |
URI | https://<server base url>//graze/v1/sendToWorkflow | Use the base URL for your Moogsoft Onprem UI instances. |
Request Type | JSON | |
Web Method | POST | |
Response Data Type | JSON |
Request Data:
{
"engine_name": "Situation Integration",
"workflow_name": "Handle AlertOps Response",
"sitn_id": "<<MessageThread.SourceIdentifier>>",
"context": {
"subject": "alertAssigned",
"user": "<<MessageThread.OwnerUserName>>",
"passedInstance": "<<Attribute.ai_aiops_instance>>"
}
}Option | Value | Comments |
|---|---|---|
Alert Type | Moogsoft Alert | Matches the Alert Type from step 1. |
Name | alertClosed | |
Request Type | JSON | |
Response Data Type | JSON | |
Type | REST | |
URI | http://<server base url>//graze/v1/sendToWorkflow | Use the base URL for your Moogsoft Onprem UI instances. |
Web Method | POST |
Request Data:
{
"engine_name": "Situation Integration",
"workflow_name": "Handle AlertOps Response",
"sitn_id": "<<MessageThread.SourceIdentifier>>",
"context": {
"alertops_id": "<<MessageThread.MessageThreadID>>",
"subject": "alertClosed",
"passedInstance": "<<Attribute.ai_aiops_instance>>"
}
}5. Add workflows
New workflows are required to trigger outbound communication back to Moogsoft Onprem. These are added by navigating to “Workflows” and clicking Add Workflow.
Moogsoft Initial Response
The workflow triggering the initial callback to Moogsoft Onprem when an alert is opened. This workflow used to update the originating Situation with the AlertOps Alert ID.
Options | Value | Comments |
|---|---|---|
Name | Moogsoft Initial Response | |
Type | Message Thread | |
Alert Type | Moogsoft Alert | Matches the Alert Type from step 1. |
Enabled | Checked | |
Scheduled | Unchecked |
Attribute | Name | Condition |
|---|---|---|
Standard | MessageThreadStatusType | is Open |
Attribute | Name | Condition |
|---|---|---|
NA | NA | NA |
Action | Value | Comment |
|---|---|---|
Outbound Service Notfication | Moogsoft sendToWorkflow alertCreated | NA |
Moogsoft Send Assigned
The workflow that notifies Moogsoft Onprem when an AlertOps alert is assigned. This workflow adds a thread entry to the Situation and may acknowledge and assign to the Moogsoft Onprem AlertOps integration user.
Options | Value | Comments |
|---|---|---|
Name | Moogsoft Send Assigned | |
Type | MessageThread | |
Alert Type | Moogsoft Alert | Matches the Alert Type from step 1. |
Enabled | Checked | |
Scheduled | Unchecked |
Attribute | Name | Condition |
|---|---|---|
Standard | MessageThreadStatusType | is Assigned |
Attribute | Name | Condition |
|---|---|---|
NA | NA | NA |
Action | Value | Comment |
|---|---|---|
Outbound Service Notification | Moogsoft sendToWorkflow - sendAssigned | NA |
Moogsoft Send Closed
The workflow that notifies Moogsoft Onprem when an AlertOps alert is assigned. This workflow resolves the originating Situation.
Options | Value | Comments |
|---|---|---|
Name | Moogsoft Send Closed | |
Type | MessageThread | |
Alert Type | Moogsoft Alert | Matches the Alert Type from step 1. |
Enabled | Checked | |
Scheduled | Unchecked |
Options | Value | Comments |
|---|---|---|
Standard | MessageThreadStatusType | is Closed |
Attribute | Name | Condition |
|---|---|---|
NA | NA | NA |
Action | Value | Comment |
|---|---|---|
Outbound Service Notification | Moogsoft sendToWorkflow - alertClosed | NA |
Moogsoft Send Comment
The workflow that sends a notification to Moogsoft Onprem when a reply to an AlertOps alert is made. This workflow adds a thread entry to the originating Situation in Moogsoft Onprem.
Options | Value | Comments |
|---|---|---|
Name | Moogsoft Send Comment | |
Type | Message | |
Alert Type | Moogsoft Alert | Matches the Alert Type from step 1. |
Enabled | Checked | |
Scheduled | Checked | |
Recurrence Interval | 0 |
Name | Condition | Comment |
|---|---|---|
Attribute | Name | Condition |
|---|---|---|
NA | NA | NA |
Action | Value | Comment |
|---|---|---|
Outbound Service Notification | Moogsoft sendToWorkflow - messageAdded | NA |
6. Add workflows to Escalation Rule
The final step to enable the integration in AlertOps is to assign the outbound workflow to the escalation rule use by the inbound integration.
Navigate to Escalation Rules and then select the rule in use by the inbound Integration configured in step 3. On the “Workflows” tab, click Add Workflow and move each of the following from the list of available workflow to the list of selected workflow:
Moogsoft Initial Response
Moogsoft Send Assigned
Moogsoft Send Closed
Moogsoft Send Comment
Click Update to commit the changes and then click Update again in the main Escalation Rule dialog.