terraform-provider-splunk icon indicating copy to clipboard operation
terraform-provider-splunk copied to clipboard

Published 20 hours ago verified publisher icon splunk

Adding Action of Pagerduty to saved searches

Open tameraz-tr opened this issue 2 years ago • 5 comments

Hi,

there is any way to use an action of PagerDuty using the model the same as using sending to email?

tameraz-tr avatar Dec 12 '22 15:12 tameraz-tr

What about the latest update v1.4.19, does it solve your request?

Koleon avatar May 25 '23 10:05 Koleon

we need to add the custom details section inside the configuration that's missing.

Thanks

On Thu, 25 May 2023 at 13:13, Koleon @.***> wrote:

What about the latest update v1.4.19 https://github.com/splunk/terraform-provider-splunk/blob/master/CHANGELOG.md#1419, does it solve your request?

— Reply to this email directly, view it on GitHub https://github.com/splunk/terraform-provider-splunk/issues/144#issuecomment-1562645435, or unsubscribe https://github.com/notifications/unsubscribe-auth/AOHPB2XIG3WRZVGH74IZP7LXH4WEPANCNFSM6AAAAAAS4C2G3Q . You are receiving this because you authored the thread.Message ID: @.***>

--

Best Regards, Tamer Azem | Monitoring Tech Lead M: +972 (0)54 7283015 A: 30 @.*,34.8389616,17z/data=!3m1!4b1!4m2!3m1!1s0x151d49ead9db36f9:0x72d1bee8afa73833?hl=en> Sheshet Hayamin St. Bnei Brak, Israel.

Your Social Investment Networkwww.eToro.com http://www.etoro.com/

tameraz-tr avatar May 29 '23 18:05 tameraz-tr

I also heavily rely on the custom_details section for PagerDuty Alerting for Event Orchestration Routing. Can something like this be added to the provider so that custom details can be sent in the PagerDuty Payload:

Example

action_pagerduty_integration_custom_details = { "somekey": "somevalue"}

Usage


resource "splunk_saved_searches" "test" {
	name = "Test Pagerduty Alert"
	actions = "pagerduty"
	action_pagerduty_integration_url = "abcd"
	action_pagerduty_integration_url_override = "efgh"
	action_pagerduty_integration_custom_details = { "somekey": "somevalue"}
	alert_comparator    = "greater than"
	alert_digest_mode   = true
	alert_expires       = "30d"
	alert_threshold     = "0"
	alert_type          = "number of events"
	cron_schedule       = "*/1 * * * *"
	disabled            = false
	is_scheduled        = true
	is_visible          = true
	realtime_schedule   = true
	search              = "index=main level=error"
}

araddas avatar May 31 '23 17:05 araddas

I'm the same, the custom details are essential for my splunk -> pagerduty workflow.

elhoyleo avatar Jun 05 '23 00:06 elhoyleo

I'm also facing the same issue. Custom detail are very critical for us as it helps in routing alert to correct team in Pagerduty using event Orchestration.

pratiman avatar Jun 05 '23 23:06 pratiman