StatusCast integration for Splunk On-Call ๐
The StatusCast integration allows you to automatically create and update StatusCast incidents based on Splunk On-Call incidents. The following guide walks you through the setup process.
Requirements ๐
This integration is compatible with the following versions of Splunk On-Call:
Enterprise
Set up outgoing webhooks in Splunk On-Call ๐
In Splunk On-Call, navigate to Integrations, Outgoing Webhooks and select Add Webhook. This creates 2 separate outgoing webhooks as part of the setup.
Fill out the following fields:
Event: During the setup of the first outgoing webhook, set the field to . For the second outgoing webhook, set the field to .
Method: Set to .
Content Type: Set to .
To: Set to
https://<yourapp>.statuscast.com/webhook/victorops. Replace<yourapp>in the URL with your status page name.Payload: Your payload tells StatusCast what resource is affected and what the current status is. For example:
{
monitorName: "${{ALERT.monitor_name}}",
state: "${{ALERT.entity_state}}"
}
The monitor name corresponds to a template in StatusCast. Customize the payload values while preserving the property names listed as required. The monitorName property maps to a corresponding template in StatusCast.
Repeat the previous steps to create another outgoing webhook, this time with an Event value of .
StatusCast configuration ๐
To complete the setup, configure your StatusCast account by following these steps:
Log into the administrative portal and navigate to the Monitors section. Here you can create an entry for each monitor in your Splunk On-Call account that you want StatusCast to automatically create incidents for.
Select and in the Choose Provider menu select :
Enter the Alert Name for the monitor. This corresponds to the monitor name that set off an alert.
Enter the Authored by value, which defines who is the author of the incident. If you page is set to hide authors, they remain hidden.
Other incident settings include Type, Affected components, Subject, and Message. They reflect the same general options you get when creating an incident. For more information on this process, see How do I post a new incident or status in the StatusCast official documentation.
With the incident settings filled out, define the workflow of the incident you are posting:
Notify theses employees: Select which employees StatusCast notifies when this type of incident gets created. You can select multiple employees.
Wait time: Amount of time StatusCast waits before creating your incident. This is used to buffer out incidents that are resolved in a matter of minutes. If your monitoring service already has this built in, you can set the value to 0, which causes StatusCast to post the incident when itโs received.
Combine alerts: When your monitoring services send out multiple requests, you can choose to combine them to prevent redundant incidents from being reported.
Auto-publish: If selected, your incident is automatically published, which notifies all subscribers. If this option is turned off, your employees need to activate the post manually, either by logging into StatusCast and activating it within the Dashboard or by replying to the notification email.
Auto-close: If selected, your incident is closed when your monitoring service sends an update. By selecting this you can also enter a Closing Comment to be posted.
After you have all the configurations set, select Submit` to save the configuration.