Content Pack for ITE Work Alert Routing

Content Pack for ITE Work Alert Routing

This documentation does not apply to the most recent version of Content Pack for ITE Work Alert Routing. For documentation on the most recent version, go to the latest release.

About the Content Pack for ITE Work Alert Routing

IT Essentials Work (ITE Work) is a free app that helps you monitor and analyze your IT infrastructure. The app provides data integrations and investigation tools for operating systems, virtual infrastructures, and containers. The Content Pack for ITE Work Alert Routing is intended for use with IT Essentials Work.

Content pack alerts

By default, alerts triggered from the vital metrics alert configuration in IT Essentials Work are stored in a Splunk index. IT Essentials Work users can view alerts on the Alerts and Episodes page. This content pack extends the default alert functionality by allowing you to take an external action when an alert is triggered, such as sending an email.

To determine what action to take, and to whom the alert should be sent, you can configure one or more external actions on the entity Info Fields in the entity configuration. Any time an alert is created for an entity, the content pack triggers the configured action(s) for that entity.

The following external actions are available:

  • Send an email
  • Create an incident in Splunk On-Call
  • Create an incident in ServiceNow
  • Execute a custom script or action

To learn more about entity configuration, see Install and configure the Content Pack for ITE Work Alert Routing.

ITSI and ITE Work support

The content in the Content Pack for ITE Work Alert Routing is only supported in ITE Work.

Alerts outside of IT Essentials Work

The content pack only acts on the alerting configuration of an IT Essentials Work vital metric and not from the Splunk App for Infrastructure (SAI) or Splunk Enterprise.

Any alerts and alert action configurations from SAI will continue to operate as they are configured in SAI. If the same alert is configured in both SAI and IT Essentials Work, you might receive duplicate alert actions.

Any alerts and alert action configurations from Splunk Enterprise will continue to operate as they are configured in Splunk Enterprise. If the same alert is configured in both Splunk Enterprise and IT Essentials Work, you might receive duplicate alert actions.

Installation

The Splunk App for Content Packs contains the Content Pack for ITE Work Alert Routing. The content pack is automatically available once you install the Splunk App for Content Packs.

For installation instructions, see Install the Splunk App for Content Packs in the Splunk App for Content Packs manual.

Deployment requirements

Use the following table to determine version compatibility:

Content Pack for ITE Work Alert Routing version IT Essentials Work version Splunk App for Content Packs version
1.0.1 4.9.4 or 4.11.0 1.4.0
1.0.0 4.9.0 or higher 1.3.0

Additional resources

Last modified on 15 March, 2023
  Release notes for the Content Pack for ITE Work Alert Routing

This documentation applies to the following versions of Content Pack for ITE Work Alert Routing: 1.0.1

Acrobat logo Download manual
Acrobat logo Download this page

Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters