PagerDuty action
editPagerDuty action
editUse the PagerDuty action to create events in
PagerDuty. To create PagerDuty events, you must configure at least one PagerDuty account in elasticsearch.yml.
Configuring PagerDuty actions
editYou configure PagerDuty actions in the actions array. Action-specific attributes
are specified using the pagerduty keyword.
The following snippet shows a simple PagerDuty action definition:
Adding meta information to a PagerDuty incident
editTo give the PagerDuty incident some more context, you can attach the payload as well as an array of contexts to the action.
"actions" : {
"notify-pagerduty" : {
"throttle_period" : "5m",
"pagerduty" : {
"account" : "team1",
"description" : "Main system down, please check! Happened at {{ctx.execution_time}}"
"attach_payload" : true,
"client" : "/foo/bar/{{ctx.watch_id}}",
"client_url" : "http://www.example.org/",
"contexts" : [
{
"type": "link",
"href": "http://acme.pagerduty.com"
},{
"type": "link",
"href": "http://acme.pagerduty.com",
"text": "View the incident on {{ctx.payload.link}}"
}
]
}
}
}
Pagerduty action attributes
edit| Name | Required | Description |
|---|---|---|
|
no |
The account to use, falls back to the default one.
The account needs a |
Table 99. Pagerduty event trigger incident attributes
| Name | Required | Description |
|---|---|---|
|
yes |
A quick description for this event |
|
no |
The event type to sent. Must be one of |
|
no |
The incident key on the pagerduty side, also used for de-duplication and allows to resolve or acknowledge incidents. |
|
no |
Name of the client triggering the incident, i.e.
|
|
no |
A client URL to visit to get more detailed information. |
|
no |
If set to |
|
no |
An array of objects, that allow you to provide additional links or images in order to provide more context to the trigger. |
|
no |
The proxy host to use (only in combination with |
|
no |
The proxy port to use (only in combination with |
You can configure defaults for the above values for the whole service using the
xpack.notification.pagerduty.event_defaults.* properties as well as
per account using xpack.notification.pagerduty.account.your_account_name.event_defaults.*
All of those objects have templating support, so you can use data from the context and the payload as part of all the fields.
Configuring PagerDuty accounts
editYou configure the accounts Watcher uses to communicate with PagerDuty in
the xpack.notification.pagerduty namespace in elasticsearch.yml.
To configure a PagerDuty account, you need the API integration key for the PagerDuty service you want to send notifications to. To get the key:
- Log in to pagerduty.com as an account administrator.
-
Go to Configuration > Services and select the PagerDuty service. The service must use the API integration.
-
Click the Integrations tab and copy the API integration key.
To configure a PagerDuty account in the keystore, you must specify an account name and integration key, (see Secure settings):
bin/elasticsearch-keystore add xpack.notification.pagerduty.account.my_pagerduty_account.secure_service_api_key
Deprecated in 7.0.0.
Storing the service api key in the YAML file or via cluster update settings is still supported, but the keystore setting should be used.
You can also specify defaults for the PagerDuty event attributes: .
xpack.notification.pagerduty:
account:
my_pagerduty_account:
event_defaults:
description: "Watch notification"
incident_key: "my_incident_key"
client: "my_client"
client_url: http://www.example.org
event_type: trigger
attach_payload: true
If you configure multiple PagerDuty accounts, you either need to set a default
account or specify which account the event should be sent with in the
pagerduty action.
xpack.notification.pagerduty:
default_account: team1
account:
team1:
...
team2:
...