Yelp / elastalert

Easy & Flexible Alerting With ElasticSearch
https://elastalert.readthedocs.org
Apache License 2.0

PagerDuty dedup_key with Elastalert #2535

Open ghost opened 4 years ago

ghost commented 4 years ago

Can Elastalert be configured to send the dedup_key to PagerDuty for any particular event or trigger, and if so, what is the YAML or other technique to do it?

Qmando commented 4 years ago

From https://elastalert.readthedocs.io/en/latest/ruletypes.html

pagerduty_incident_key: If not set PagerDuty will trigger a new incident for each alert sent. If set to a unique string per rule PagerDuty will identify the incident that this event should be applied. If there’s no open (i.e. unresolved) incident with this key, a new one will be created. If there’s already an open incident with a matching key, this event will be appended to that incident’s log.

pagerduty_incident_key_args: If set, and pagerduty_incident_key is a formattable string, Elastalert will format the incident key based on the provided array of fields from the rule or match.

ghost commented 4 years ago

Thanks for the info.

Do you know if pagerduty_incident_key covers both the v1 AND v2 PD APIs? PD renamed the key to dedup_key for v2.

nsano-rururu commented 3 years ago

pagerduty_api_version is v1

| PagerDuty Parameters | ElastAlert Parameters |
| --- | --- |
| service_key | pagerduty_service_key |
| event_type | pagerduty_event_type |
| incident_key | pagerduty_incident_key |
| | pagerduty_incident_key_args |
| description | https://github.com/Yelp/elastalert/blob/master/elastalert/alerts.py#L1405 |
| details | https://github.com/Yelp/elastalert/blob/master/elastalert/alerts.py#L1409 |
| client | pagerduty_client_name |
| client_url | - |
| contexts | - |

pagerduty_api_version is v2

| PagerDuty Parameters | ElastAlert Parameters |
| --- | --- |
| routing_key | pagerduty_service_key |
| event_action | pagerduty_event_type |
| dedup_key | pagerduty_incident_key |
| | pagerduty_incident_key_args |
| payload.summary | https://github.com/Yelp/elastalert/blob/master/elastalert/alerts.py#L1393 |
| payload.source | pagerduty_v2_payload_source |
| | pagerduty_v2_payload_source_args |
| payload.severity | pagerduty_v2_payload_severity |
| payload.timestamp | https://github.com/Yelp/elastalert/blob/master/elastalert/alerts.py#L1401 |
| payload.component | pagerduty_v2_payload_component |
| | pagerduty_v2_payload_component_args |
| payload.group | pagerduty_v2_payload_group |
| | pagerduty_v2_payload_group_args |
| payload.class | pagerduty_v2_payload_class |
| | pagerduty_v2_payload_class_args |
| payload.custom_details | https://github.com/Yelp/elastalert/blob/master/elastalert/alerts.py#L1394 |
| images | - |
| links | - |
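
An added example, not posted by anyone in this thread and not taken from the ElastAlert documentation: a rule that sets the options named in the comments above so that, with `pagerduty_api_version: v2`, the formatted `pagerduty_incident_key` is sent as `dedup_key`. The rule name, index pattern, filter, field names and the service key placeholder are assumptions made for illustration.

```yaml
# Constructed rule: name, index, filter and field names are assumptions.
name: ssh-auth-failures
type: frequency
index: auth-logs-*
num_events: 20
timeframe:
  minutes: 5
query_key: host.name
filter:
  - term:
      event.outcome: "failure"

alert:
  - pagerduty
pagerduty_service_key: "<PAGERDUTY_INTEGRATION_KEY>"  # placeholder, sent as routing_key in v2
pagerduty_client_name: "elastalert"
pagerduty_api_version: v2
pagerduty_event_type: trigger                         # sent as event_action in v2

# Sent as dedup_key in v2 (incident_key in v1).
# Without this option every alert opens a new incident.
# "{0}" is filled from the first entry of pagerduty_incident_key_args,
# so each host gets its own open incident and repeat alerts for that
# host are appended to it instead of opening another one.
pagerduty_incident_key: "ssh-auth-failures-{0}"
pagerduty_incident_key_args:
  - host.name

pagerduty_v2_payload_severity: warning
pagerduty_v2_payload_source: "{0}"
pagerduty_v2_payload_source_args:
  - host.name
```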