Introduction to the PagerDuty SyncPack

Download this manual as a PDF file 

This section describes how you can use the "PagerDuty" SyncPack to automatically trigger, acknowledge, and resolve SL1 events and PagerDuty incidents between PagerDuty and SL1 . The integration is bi-directional, from SL1 to PagerDuty.

This SyncPack uses the "PagerDuty Incident Integration" PowerPack.

What Can I Do with this SyncPack?

The "PagerDuty" SyncPack lets you automatically trigger, acknowledge, and resolve SL1 events and PagerDuty incidents between PagerDuty and SL1. The integration is bidirectional, from SL1 to PagerDuty.

You can configure this SyncPack to perform the following integrations:

  • Create an alert in PagerDuty from an SL1 event.
  • Collect on-call details from PagerDuty and add it to the notes of the corresponding SL1 event.
  • Update a synced Opsgenie alert when an event is acknowledged in SL1, including closing an alert in Opsgenie that was resolved by a corresponding SL1 event.
  • Collect resolved alert data from Opsgenie and clear the corresponding SL1 event.

Contents of the SyncPack

This section lists the contents of the "PagerDuty" SyncPack.

PowerFlow Applications

  • Create Event in PagerDuty from SL1 Event. This application sends SL1 event information to PagerDuty. The application translates and formats the event data from SL1 so that it can be consumed by PagerDuty to trigger, acknowledge, or resolve an incident.
  • Get PagerDuty log and incident data. This application queries the PagerDuty API to collect log entries and incident data. The collected entries are formatted and passed to subordinate applications that process the data to update, acknowledge, and clear events in SL1.
  • Clear resolve event from ScienceLogic. This application clears an event in SL1 that was resolved in PagerDuty. This application is called by the "Create resolve alert data from PagerDuty" application for each event that needs to be cleared.
  • Post event updates to ScienceLogic. This application updates SL1 events using the data collected from the PagerDuty API.

For more information about how to configure these applications, see Configuring and Aligning the PagerDuty Applications.

PowerFlow Applications (Internal)

The following applications are "internal" applications that should not be run directly, but are automatically run by applications from the previous list:

  • Create resolve alert data from PagerDuty. This application is called by the "Get PagerDuty log and incident data" application to process log messages that indicate that an incident has been resolved. This application queries the PagerDuty API for the alerts associated with the resolved incidents. If the alert was triggered from an SL1 event, the application calls the "Clear resolve event from ScienceLogic" application to clear the event.
  • Get trigger alert data from PagerDuty. This application is called by the "Get PagerDuty log and incident data" application to process log messages that indicate that an incident has been triggered. This application queries the PagerDuty API for the alerts associated with those triggered incidents. If the alert was triggered from an SL1 event, the application calls the "Post event updates to ScienceLogic" application to add to incident ID to the event.
  • Get alert and user data from PagerDuty and ScienceLogic. This application is called by the "Get PagerDuty log and incident data" application to process log messages that indicate that an incident has been acknowledged. This application queries the PagerDuty API for the alerts associated with acknowledged incidents. If the alert was triggered from an SL1 event, the application updates the SL1 event so that the acknowledgment matches PagerDuty. This application also determines the date of the most recently processed alert and stores that value to be used by the next execution of the "Get PagerDuty log and incident data" application.

Configuration Object

  • PagerDuty Base Config. This configuration object can be used as a template after the SyncPack is installed on the PowerFlow system. The configuration object includes the following:
  • Details for connecting to the SL1 API, including the URL, username, and password
  • Details for connecting to the PagerDuty API, including the URL, username, and password
  • Details for connecting to the PagerDuty REST API, including the URL and API key
  • Details for connecting to an HTTP Proxy when communicating with PagerDuty, including the hostname or IP address, username, and password
  • An optional identifier that appends the event ID to create a PagerDuty dedup key. This can be used to avoid routing collisions when multiple SL1 platforms connect to the same PagerDuty instance.
  • Mapping between SL1 events and PagerDuty incidents including, event summary formats, event data, and indications to resolve or link incidents between SL1 and PagerDuty

Steps

The following steps are included in this SyncPack:

  • Acknowledge the alert by user
  • Check for since parameter after query
  • Check conditional
  • Get alert count and acknowledge the alert by user
  • Get incident and user data
  • Get resolve incident data
  • Get trigger incident data
  • Get user email from user details
  • Convert ScienceLogic event data to PagerDuty event