PRTG integration for Splunk On-Call (Legacy email version)
PRTG is a highly flexible and generic software for monitoring IT infrastructure. The following documentation will walk you through how to send PRTG notifications to the Splunk On-Call timeline by using the generic email endpoint.
Requirements
This integration is compatible with the following versions of Splunk On-Call:
Starter
Growth
Enterprise
To ensure incidents are resolved correctly, choose static fields for the Critical and Resolved subject lines.
Splunk On-Call configuration
In Splunk On-Call, select Integrations, PRTG.
If the integration isn't active, select Enable Integration to generate your endpoint URL. Make sure to replace the $routing_key section with the actual routing key you want to use.
PRTG configuration
From the main dashboard, select Setup, Account Settings, Notifications.
Select Add new notification.
Give the notification a name.
Make sure the status is set to Started. Under Notification summarization, set the Method to Always notify ASAP.
Create an incident
Select the check box for Send email. This expands the email settings.
Paste your Splunk On-Call email endpoint address into the Send to Email Address field.
Use the following text as the subject line:
[%sitename] %device %name CRITICAL
Resolve an incident
If you want PRTG to send a recovery email to close the incident in Splunk On-Call when a monitored device recovers, you need to create a separate notification using another email that uses this text as the subject:
[%sitename] %device %name RECOVERY
Set the Format field to Text, then select Save.
To test the integration, return to Notifications, find your newly created Splunk On-Call notification method, and select Test. This triggers an incident in your Splunk On-Call timeline.