Workflow Examples

Slack Webhook Message on Specific Monitor

This workflow is triggered by issue with filter of alertname: Workload Pods Crashed Monitor . Which means only issues created by the monitor named "Workload Pods Crashed Monitor" will trigger the workflow, in this example we use a slack message action using labels from the issue.

workflow: 
  id: slack-alert-on-crashed-pods
  description: Send a slack message on Workload Pods Crashed Monitor 
  triggers:
    - type: alert
      filters:
        - key: alertname
          value: Workload Pods Crashed Monitor
  actions:
    - name: trigger-slack
      provider:
        type: slack
        config: '{{ providers.slack_webhook }}'
        with:
          message: "Pod Crashed - Pod: {{ alert.labels.pod_name }} Container: {{ alert.labels.container }} Exit Code: {{ alert.labels.exit_code }} Reason: {{ alert.labels.reason }}"

Send Only Firing Alerts

In some cases, you may want to avoid sending resolved alerts to your integrations—this prevents incidents from being automatically marked as “resolved” in tools like PagerDuty.

To achieve this, you can add a condition to your action that ensures only firing alerts are sent. Here’s an example of how to configure it in your workflow:

workflow:
  id: send-pagerduty-only-firing
  description: ""
  triggers:
  - type: alert
  name: send-pagerduty-only-firing
  actions:
  - if: '{{ alert.status }} == "firing"'
    name: pagerduty-action
    provider:
      config: "{{ provider.pager_duty_prod }}"
      type: pagerduty
      with:
        title: "{{ alert.alertname }}"

This configuration uses an if condition to check that the alert’s status is firing before executing the PagerDuty action - line 8.

Slack Webhook Message on Issue

This workflow is triggered by an issue and uses the slack_webhook integration to send a Slack message formatted with Block Kit. For more details, see Slack Block Kit.

workflow: 
  id: slack-webhook
  description: Send a slack message on alerts
  triggers:
    - type: alert
  actions:
    - name: trigger-slack
      provider:
        type: slack
        config: ' {{ providers.slack_webhook }} '
        with:
          blocks:
          - type: header
            text:
              type: plain_text
              text: ':rotating_light: {{ alert.labels.alertname }} :rotating_light:'
              emoji: true
          - type: divider
          - type: section
            fields:
            - type: mrkdwn
              text: |-
                *Cluster:*
                {{ alert.labels.cluster}}
            - type: mrkdwn
              text: |-
                *Namespace:*
                {{ alert.labels.namespace}}
            - type: mrkdwn
              text: |-
                *Workload:*
                {{ alert.labels.workload}}

Create Jira Ticket Using Webhook

See Jira Webhook Integration for setting up the integration

Get your Issue Type ID from your Jira, see: https://confluence.atlassian.com/jirasoftwarecloud/finding-the-issue-type-id-in-jira-cloud-1333825937.html

Get your project id from you Jira, see: https://confluence.atlassian.com/jirakb/how-to-get-project-id-from-the-jira-user-interface-827341414.html

Replace in this workflow these by using your values: <issue_id>, <project_id>

Replace in this workflow <integration_name> based on your created integration name.

workflow:
  id: jira_ticket_creation
  description: Create a Jira Ticket
  triggers:
  - type: alert
  consts:
    description: keep.dictget( {{ alert.annotations }}, "_gc_description", '')
    title: keep.dictget( {{ alert.annotations }}, "_gc_issue_header", "{{ alert.alertname }}")
  name: jira_ticket_creation
  actions:
  - name: webhook
    provider:
      config: ' {{ providers.<integration_name> }} '
      type: webhook
      with:
        body:
          fields:
            description: '{{ consts.description }}'
            issuetype:
              id: <issue_id>
            project:
              id: <project_id>
            summary: '{{ consts.title }}'

Last updated 19 days ago