2019-09-10 13:32:51 -04:00
[role="xpack"]
2017-03-28 17:23:01 -04:00
[[actions-pagerduty]]
2019-09-30 13:18:50 -04:00
=== PagerDuty action
2017-03-28 17:23:01 -04:00
Use the PagerDuty action to create events in https://pagerduty.com/[
PagerDuty]. To create PagerDuty events, you must <<configuring-pagerduty,
configure at least one PagerDuty account>> in `elasticsearch.yml`.
[[configuring-pagerduty-actions]]
2019-09-30 13:18:50 -04:00
==== Configuring PagerDuty actions
2017-03-28 17:23:01 -04:00
You configure PagerDuty actions in the `actions` array. Action-specific attributes
are specified using the `pagerduty` keyword.
The following snippet shows a simple PagerDuty action definition:
[source,js]
--------------------------------------------------
"actions" : {
"notify-pagerduty" : {
"transform" : { ... },
"throttle_period" : "5m",
"pagerduty" : {
"description" : "Main system down, please check!" <1>
}
}
}
--------------------------------------------------
2018-06-22 21:09:37 -04:00
// NOTCONSOLE
2017-03-28 17:23:01 -04:00
<1> Description of the message
[[adding-context-and-payloads-to-pagerduty-actions]]
2019-09-30 13:18:50 -04:00
==== Adding meta information to a PagerDuty incident
2017-03-28 17:23:01 -04:00
To give the PagerDuty incident some more context, you can attach the
payload as well as an array of contexts to the action.
[source,js]
--------------------------------------------------
"actions" : {
"notify-pagerduty" : {
"throttle_period" : "5m",
"pagerduty" : {
"account" : "team1",
"description" : "Main system down, please check! Happened at {{ctx.execution_time}}"
"attach_payload" : true,
"client" : "/foo/bar/{{ctx.watch_id}}",
"client_url" : "http://www.example.org/",
2017-12-05 05:31:48 -05:00
"contexts" : [
2017-03-28 17:23:01 -04:00
{
"type": "link",
"href": "http://acme.pagerduty.com"
},{
"type": "link",
"href": "http://acme.pagerduty.com",
"text": "View the incident on {{ctx.payload.link}}"
}
]
}
}
}
--------------------------------------------------
2018-06-22 21:09:37 -04:00
// NOTCONSOLE
2017-03-28 17:23:01 -04:00
[[pagerduty-action-attributes]]
2019-09-30 13:18:50 -04:00
==== Pagerduty action attributes
2017-03-28 17:23:01 -04:00
[cols=",^,", options="header"]
|======
| Name |Required | Description
| `account` | no | The account to use, falls back to the default one.
2018-11-19 10:30:20 -05:00
The account needs a `service_api_key` attribute.
2017-03-28 17:23:01 -04:00
|======
[[pagerduty-event-trigger-incident-attributes]]
2019-09-30 13:18:50 -04:00
.Pagerduty event trigger incident attributes
2017-03-28 17:23:01 -04:00
[cols=",^,", options="header"]
|======
| Name |Required | Description
| `description` | yes | A quick description for this event
| `event_type` | no | The event type to sent. Must be one of `trigger`,
`resolve` or `acknowledge`. Defaults to `trigger`.
| `incident_key` | no | The incident key on the pagerduty side, also used
for de-duplication and allows to resolve or acknowledge
incidents.
| `client` | no | Name of the client triggering the incident, i.e.
`Watcher Monitoring`
| `client_url` | no | A client URL to visit to get more detailed information.
| `attach_payload` | no | If set to `true` the payload is attached as a detail
to the API call. Defaults to `false`.
| `contexts` | no | An array of objects, that allow you to provide
additional links or images in order to provide more
context to the trigger.
| `proxy.host` | no | The proxy host to use (only in combination with `proxy.port`)
| `proxy.port` | no | The proxy port to use (only in combination with `proxy.host`)
|======
You can configure defaults for the above values for the whole service using the
`xpack.notification.pagerduty.event_defaults.*` properties as well as
per account using `xpack.notification.pagerduty.account.your_account_name.event_defaults.*`
NOTE: All of those objects have templating support, so you can use data from the
context and the payload as part of all the fields.
[[pagerduty-event-trigger-context-attributes]]
2019-09-30 13:18:50 -04:00
.Pagerduty event trigger context attributes
2017-03-28 17:23:01 -04:00
[cols=",^,", options="header"]
|======
| Name |Required | Description
| `type` | yes | One of `link` or `image`.
| `href` | yes/no | A link to include more information. Must be there if the
type is `link`, optional if the type is `image`
| `src` | no | A src attribute for the `image` type.
|======
[[configuring-pagerduty]]
2019-09-30 13:18:50 -04:00
==== Configuring PagerDuty accounts
2017-03-28 17:23:01 -04:00
You configure the accounts {watcher} uses to communicate with PagerDuty in
the `xpack.notification.pagerduty` namespace in `elasticsearch.yml`.
To configure a PagerDuty account, you need the API integration key for
the PagerDuty service you want to send notifications to. To get the
key:
. Log in to http://pagerduty.com[pagerduty.com] as an account administrator.
. Go to **Configuration > Services** and select the PagerDuty service. The
service must use the API integration.
+
2017-04-17 22:58:19 -04:00
image::images/pagerduty-services.jpg[]
2017-03-28 17:23:01 -04:00
. Click the **Integrations** tab and copy the API integration key.
+
2017-04-17 22:58:19 -04:00
image::images/pagerduty-integrations.jpg[]
2017-03-28 17:23:01 -04:00
2018-03-26 03:10:04 -04:00
To configure a PagerDuty account in the keystore, you
2019-09-30 13:18:50 -04:00
must specify an account name and integration key, (see <<secure-settings>>):
2017-03-28 17:23:01 -04:00
[source,yaml]
--------------------------------------------------
2018-03-26 03:10:04 -04:00
bin/elasticsearch-keystore add xpack.notification.pagerduty.account.my_pagerduty_account.secure_service_api_key
2017-03-28 17:23:01 -04:00
--------------------------------------------------
2019-04-18 20:30:08 -04:00
deprecated[7.0.0, "Storing the service api key in the YAML file or via cluster update settings is still supported, but the keystore setting should be used."]
2018-03-26 03:10:04 -04:00
2019-09-30 13:18:50 -04:00
You can also specify defaults for the
<<pagerduty-event-trigger-incident-attributes,PagerDuty event attributes>>:
2017-03-28 17:23:01 -04:00
.
[source,yaml]
--------------------------------------------------
xpack.notification.pagerduty:
account:
my_pagerduty_account:
event_defaults:
description: "Watch notification"
incident_key: "my_incident_key"
client: "my_client"
client_url: http://www.example.org
event_type: trigger
attach_payload: true
--------------------------------------------------
If you configure multiple PagerDuty accounts, you either need to set a default
account or specify which account the event should be sent with in the
2019-09-30 13:18:50 -04:00
<<actions-pagerduty,`pagerduty`>> action.
2017-03-28 17:23:01 -04:00
[source,yaml]
--------------------------------------------------
xpack.notification.pagerduty:
default_account: team1
account:
team1:
...
team2:
...
--------------------------------------------------
