Panopta integration for Splunk On-Call
This guide walks you through setting up the Panopta integration in Splunk On-Call.
Requirements
This integration is compatible with the following versions of Splunk On-Call:
Starter
Growth
Enterprise
Splunk On-Call configuration
In the Splunk On-Call portal, go to Settings, Alert Behavior, Integrations.
Select the Panopta integration.
Copy the service API endpoint URL.
Make sure to add the appropriate routing key to your endpoint URL. See Create Routing Keys in Splunk On-Call.
Panopta configuration
From the Alerting menu in the control panel, select the Integrations tab.
Select the webhooks integration.
Name the integration. Under the Incident Webhook tab, set the request method to POST, and the postback URL as the Splunk On-Call REST endpoint URL from the previous step.
Select raw payload as your payload type, then copy the following JSON snippet into the code box:
```json
{"message_type":"CRITICAL","entity_id":"$name", "state_message":"$items - $reasons","monitoring_tool":"Panopta"}
```
To also send a recovery message to Splunk On-Call, create a second webhook under the Clear Webhook tab. Give it a name, like Splunk On-Call Recovery. Select POST as your request method, and paste in your Splunk On-Call REST endpoint URL for the Postback URL.
```json
{"message_type":"RECOVERY","entity_id":"$name", "state_message":"$items - $reasons","monitoring_tool":"Panopta"}
```
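A local pre-flight check for the two payloads above, added here as an example and not taken from the Splunk On-Call or Panopta documentation. It fills the `$name`, `$items` and `$reasons` placeholders with constructed sample values, confirms each result parses as JSON with all four fields, and confirms the recovery payload carries the same `entity_id` as the incident. The function names, the sample values and the `escape` switch are assumptions for illustration; how Panopta escapes substituted values is not stated on this page.

```python
import json
from string import Template

# Payload templates copied from this page (Incident and Clear webhooks).
INCIDENT = '{"message_type":"CRITICAL","entity_id":"$name", "state_message":"$items - $reasons","monitoring_tool":"Panopta"}'
CLEAR = '{"message_type":"RECOVERY","entity_id":"$name", "state_message":"$items - $reasons","monitoring_tool":"Panopta"}'
REQUIRED = ("message_type", "entity_id", "state_message", "monitoring_tool")


def render(template, values, escape=True):
    """Fill the $placeholders with plain text substitution.

    escape=True JSON-escapes each value first; escape=False models a naive
    substitution (assumption: Panopta's actual behaviour is not documented here).
    """
    if escape:
        # json.dumps adds surrounding quotes; strip them and keep the escapes.
        values = {k: json.dumps(v)[1:-1] for k, v in values.items()}
    return Template(template).substitute(values)


def check(rendered):
    """Return a list of problems found in one rendered payload."""
    try:
        doc = json.loads(rendered)
    except json.JSONDecodeError as exc:
        return [f"not valid JSON: {exc.msg}"]
    return [f"missing or empty field: {k}" for k in REQUIRED if not doc.get(k)]


def pair_matches(incident, clear):
    """True when the RECOVERY payload targets the same entity_id as the CRITICAL one."""
    a, b = json.loads(incident), json.loads(clear)
    types_ok = (a["message_type"], b["message_type"]) == ("CRITICAL", "RECOVERY")
    return types_ok and a["entity_id"] == b["entity_id"]


# Constructed sample values; note the double quotes inside the reason text.
SAMPLE = {"name": "web-01", "items": "HTTP check",
          "reasons": 'body did not contain "OK"'}

if __name__ == "__main__":
    for label, tpl in (("incident", INCIDENT), ("clear", CLEAR)):
        print(label, check(render(tpl, SAMPLE)) or "ok")
    print("naive substitution:", check(render(INCIDENT, SAMPLE, escape=False)))
```

If the naive case matches what arrives at the endpoint, alerts whose reason text contains quotes will be rejected as malformed, so test the webhook with such a check before relying on it.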