Workflow Examples
Slack Webhook Message on Specific Monitor
This workflow is triggered by issue with filter of alertname: Workload Pods Crashed Monitor . Which means only issues created by the monitor named "Workload Pods Crashed Monitor" will trigger the workflow, in this example we use a slack message action using labels from the issue.
workflow:
id: slack-alert-on-crashed-pods
description: Send a slack message on Workload Pods Crashed Monitor
triggers:
- type: alert
filters:
- key: alertname
value: Workload Pods Crashed Monitor
actions:
- name: trigger-slack
provider:
type: slack
config: '{{ providers.slack_webhook }}'
with:
message: "Pod Crashed - Pod: {{ alert.labels.pod_name }} Container: {{ alert.labels.container }} Exit Code: {{ alert.labels.exit_code }} Reason: {{ alert.labels.reason }}"Send Only Firing Alerts
In some cases, you may want to avoid sending resolved alerts to your integrations—this prevents incidents from being automatically marked as “resolved” in tools like PagerDuty.
To achieve this, you can add a condition to your action that ensures only firing alerts are sent. Here’s an example of how to configure it in your workflow:
workflow:
id: send-pagerduty-only-firing
description: ""
triggers:
- type: alert
name: send-pagerduty-only-firing
actions:
- if: '{{ alert.status }} == "firing"'
name: pagerduty-action
provider:
config: "{{ provider.pager_duty_prod }}"
type: pagerduty
with:
title: "{{ alert.alertname }}"This configuration uses an if condition to check that the alert’s status is firing before executing the PagerDuty action - line 8.
Slack Webhook Message on Issue
This workflow is triggered by an issue and uses the slack_webhook integration to send a Slack message formatted with Block Kit. For more details, see Slack Block Kit.
workflow:
id: slack-webhook
description: Send a slack message on alerts
triggers:
- type: alert
actions:
- name: trigger-slack
provider:
type: slack
config: ' {{ providers.slack_webhook }} '
with:
blocks:
- type: header
text:
type: plain_text
text: ':rotating_light: {{ alert.labels.alertname }} :rotating_light:'
emoji: true
- type: divider
- type: section
fields:
- type: mrkdwn
text: |-
*Cluster:*
{{ alert.labels.cluster}}
- type: mrkdwn
text: |-
*Namespace:*
{{ alert.labels.namespace}}
- type: mrkdwn
text: |-
*Workload:*
{{ alert.labels.workload}}Create Jira Ticket Using Webhook
See Jira Webhook Integration for setting up the integration
Get your Issue Type ID from your Jira, see: https://confluence.atlassian.com/jirasoftwarecloud/finding-the-issue-type-id-in-jira-cloud-1333825937.html
Get your project id from you Jira, see: https://confluence.atlassian.com/jirakb/how-to-get-project-id-from-the-jira-user-interface-827341414.html
Replace in this workflow these by using your values: <issue_id>, <project_id>
Replace in this workflow <integration_name> based on your created integration name.
workflow:
id: jira_ticket_creation
description: Create a Jira Ticket
triggers:
- type: alert
consts:
description: keep.dictget( {{ alert.annotations }}, "_gc_description", '')
title: keep.dictget( {{ alert.annotations }}, "_gc_issue_header", "{{ alert.alertname }}")
name: jira_ticket_creation
actions:
- name: webhook
provider:
config: ' {{ providers.<integration_name> }} '
type: webhook
with:
body:
fields:
description: '{{ consts.description }}'
issuetype:
id: <issue_id>
project:
id: <project_id>
summary: '{{ consts.title }}'Last updated