relate incidents with work teams

pepe · April 26, 2022, 2:28pm

I would like to be able to relate according to the device that notifies an incident with the teams that supervises that device

dmcclure · April 26, 2022, 2:54pm

This would be done by creating a well configured, business-aligned technical service configuration where each team’s business products, offerings, services, applications (and maybe even functional technology) are represented.

Then, you’d want to ensure that all of your incoming events/alerts contain rich metadata (host/node name, tags, labels, etc.) that you can create event orchestration rules that match specific metadata and then route the incoming events/alerts into the appropriate technical service, notifying the on-call team for that service.

Example:

If you are using Datadog, you might create and assign a few tags like these:

Service: Mobile Banking
Application: Mobile Deposits
Function: iOS Team

Then you’d create an event orchestration rule with conditions that look for those tags/values and then routes the event/alert into a service called “Mobile Banking : Deposits : iOS” and notify that on-call responder.

pepe · April 26, 2022, 3:25pm

I’ m triying integrate Centreon with PagerDuty

I need to differentiate the alerts that come from Linux devices and Windows devices to send them to the responsible technicians of each department.

I don´t know if it is the same process that you comment

Thanks

dmcclure · April 26, 2022, 8:22pm

Have you seen this: https://www.centreon.com/en/blog/connecting-centreon-to-pagerduty-the-best-way-for-your-teams-to-benefit-from-pagerduty/ or this:https://www.centreon.com/en/blog/connecting-centreon-and-pagerduty-configuration-tips/

I do not recommend that you create a single service named"Centreon" and integrate it there. Instead, create a new Event Orchestration and use that API token in your integration, and then you’ll be able to inspect incoming fields with your Centreon data (eg hostname) and route into fine-grained technical services for your apps, services, and associated teams. (Also, do not create a service named after your departments or teams but rather important business services and applications those departments own/support!)

This config file for Centreon shows a bit about what data you’ll be sending over to PagerDuty to create events/alerts: https://raw.githubusercontent.com/centreon/centreon-stream-connector-scripts/master/centreon-certified/pagerduty/pagerduty-events-apiv2.lua

Start with hostnames and if you have a structured hostname scheme, it may be easy to create event orchestration rules that match parts of that.