This
Workflow for Configuring the SyncPack
The following workflows describe how to configure SL1 and PowerFlow to work with the "PagerDuty" SyncPack.
Configuring SL1
- Create a Basic/Snippet credential to access PowerFlow
- Edit the PagerDuty run book actions
- Enable the PagerDuty run book automations
Configuring PowerFlow
- Create a configuration object
- Align the configuration object and configure the PagerDuty PowerFlow applications
- Schedule the PowerFlow applications
Configuring SL1
The following topics cover how to set up your SL1 instance to work with the "PagerDuty" SyncPack:
- Create a Basic/Snippet credential to access PowerFlow
- Edit the PagerDuty run book actions
- Enable the PagerDuty run book automations
Creating a Basic/Snippet Credential to Access SL1 PowerFlow
You will need to create a Basic/Snippet credential in SL1 so that the action policies included in the "PagerDuty Incident Integration" PowerPack can access your PowerFlow system.
To create a Basic/Snippet credential:
- In SL1, go to the Credentials page (Manage > Credentials).
- Click Create Basic/Snippet Credential. The Create Credential window appears. and select
- Complete the following fields:
- Name. Name of the credential. Can be any combination of alphanumeric characters. This field is required.
- All Organizations. Toggle on (blue) to align the credential to all organizations, or toggle off (gray) and then select one or more specific organizations from the What organization manages this service? drop-down field to align the credential with those specific organizations.
- Timeout (ms). Time, in milliseconds, after which SL1 will stop trying to communicate with the authenticating server.
- Hostname/IP. Hostname or IP address of your PowerFlow system. This field is required.
- Port. Type "443". This field is required.
- URL. Type the URL for your PowerFlow system.
- Username. Username for a user account on the PowerFlow system.
- Password. Password for a user account on the PowerFlow system.
- Click .
- Take note of the SL1-assigned ID number for the new credential on the Credentials page, in the ID column. You will need the ID number when editing the input parameters of the run book actions included in the PowerPack, below.
When you define a Basic/Snippet credential, the credential will automatically be aligned with the organization(s) where you are a member. To learn more about credentials and organizations, see Credentials
Editing the PagerDuty Run Book Action
The "PagerDuty Incident Integration" PowerPack includes the "PagerDuty: Trigger/Acknowledge/Resolve Alert" run book action. This action uses the "Run Integration Service Application" action type to trigger thePowerFlow application that sends events to PagerDuty. You can specify the credential ID and an optional platform identifier in a JSON structure that you enter in the Input Parameters field in the Action Policy Editor modal.
To edit the "PagerDuty: Trigger/Acknowledge/Resolve Alert" run book action:
- In SL1, go to the Actions page (Registry > Run Book > Actions).
- Locate the "PagerDuty: Trigger/Acknowledge/Resolve/Alert" automation action, and then click its wrench icon (). The Editing Action page appears.
- In the Input Parameters field, change the values of the following parameters:
- credential_id. Change the value to the credential ID that you noted earlier when creating a credential for your PowerFlow system in the previous procedure. This parameter is required.
- include_event. Leave the value as "true".
- application_name. Leave the value as "send_sl1_events_to_pagerduty".
- platform_identifier. Change the value to the unique identifier you created for each event sent to PagerDuty. This value must match the "platform_identifier" parameter in the PowerFlow configuration object that you configured for this SL1 platform.
For more information on configuring the platform_identifier field in your PowerFlow applications, see Scheduling the PowerFlow Applications.
- Make sure the Action State is set to Enabled, and then click .
Enabling the PagerDuty Run Book Automations
The "PagerDuty Incident Integration" PowerPack includes the following automation policies:
- "PagerDuty": Acknowledge Alert
- "PagerDuty": Resolve Alert
- "PagerDuty": Trigger Alert
These policies update the PagerDuty incident with the state of the event in SL1. When the event is first detected in SL1, the "triggered" state is sent. When the event is acknowledged in SL1, the "acknowledged" state is sent. When the event is cleared in SL1, the "resolved" state is sent.
To enable the run book automations:
- In SL1, go to the Automation page (Registry > Run Book > Automation).
- Locate a PagerDuty automation policy and click its wrench icon (). The Automation Policy Editor page appears.
- Update the following fields:
- Policy State. Select Enabled.
- Policy Priority. Select High to ensure that this PowerFlow automation policy is added to the top of the queue.
- Available Actions. If it is not already selected, select the "Run Integration Service Application" action and click the arrows to move it to Aligned Actions.
ScienceLogic highly recommends that you do not make changes to the Policy Type, Repeat Time, or Align With fields or the And event is NOT acknowledged setting.
- Click .
- Repeat steps 2-4 for the remaining PagerDuty run book automation policies.
Configuring PowerFlow
The following topics cover how to set up your PowerFlow instance to work with the "PagerDuty" SyncPack:
- Create a configuration object
- Align the configuration object and configure the PagerDuty PowerFlow applications
- Schedule the PowerFlow applications
Creating a Configuration Object
A configuration object supplies the login credentials and other required information needed to execute the steps for a PowerFlow application. The Configurations page () of the PowerFlow user interface lists all available configuration objects for that system.
You can create as many configuration objects as you need. A PowerFlow application can only use one configuration object at a time, but you can use (or "align") the same configuration object with multiple applications.
For this SyncPack, you can make a copy of the "PagerDuty Base Config" configuration object, which is the sample configuration file that was installed with the "PagerDuty" SyncPack. Then you can integrate one PagerDuty instance with multiple SL1 instances by creating a separate configuration for each SL1 instance.
The "PagerDuty Base Config" configuration object contains all of the required variables. Simply update the variables from that object to match your SL1 and PagerDuty settings.
To create a configuration object based on the "PagerDuty Base Config" configuration object:
- In the PowerFlow user interface, go to the Configurations page ().
- Click the Edit. The Configuration pane appears. button () for the "PagerDuty Base Config" configuration object and select
-
Click Create Configuration pane appears.
. The -
Complete the following fields:
- Friendly Name. Name of the configuration object that will display on the Configurations page.
- Description. A brief description of the configuration object.
- Author. User or organization that created the configuration object.
- Version. Version of the configuration object.
-
In the Configuration Data field, update the default variable definitions to match your PowerFlow configuration:
- event_api. The URL of the PagerDuty event API for all PagerDuty instances. The default value is "https://events.pagerduty.com/v2/enqueue". You do not need to update this field.
- integration_key. The routing/integration key to use when sending events.
- pd_base_url. The base URL of the PagerDuty REST API for all PagerDuty instances. The default value is "https://api.pagerduty.com". You do not need to update this field.
- rest_api_key. The api key to use when syncing information to SL1 from PagerDuty.
- sl1_host. The hostname or IP address of the SL1 system the incident states will synchronize to.
- sl1_user. The username for your SL1 system.
- sl1_password. The password for your SL1 system.
- proxy_host. The hostname or IP address of the HTTP proxy that will be used when making an API request to PagerDuty.
- proxy_user. The username for your associated HTTP proxy.
- proxy_password.The password for your associated HTTP proxy.
- platform_identifier. The parameter that is appended to the event ID to create the PagerDuty dedup key. When you configure your SL1 system to send event data to PagerDuty via PowerFlow, the "platform_identifier" parameter in the Run Book Action must match this value.
- summary_string. The string that reflects how the summery field is constructed before it is sent to PagerDuty. You can use Run Book Variables to dynamically include SL1 event data in the summary field. For example, the default value, "%S: %X: %M", includes the severity, affected device, and event message in the summary string.
- custom_details. A structure of "key:value" pairs that can be used to provide additional SL1 event data to PagerDuty. You can use Run Book Variables to dynamically include SL1 event data in this field.
- resolve_events. A value to indicate whether events should be resolved in SL1 when the incident is resolved in PagerDuty. The default value is "False". If the value is "False", SL1 events will not be automatically cleared in SL1 when the corresponding PagerDuty incident is resolved.
- link_events. A value to indicate whether events should be updated with the incident URL from PagerDuty. The default value is "True". If the value is "True", the External Ticket ID field will be updated with the ID and URL of the PagerDuty incident.
For information on creating a PagerDuty service and accessing the integration key, see https://support.pagerduty.com/docs/services-and-integrations#create-a-new-service.
For more information on generating a PagerDuty REST API key, see https://support.pagerduty.com/docs/generating-api-keys#generating-a-general-access-rest-api-key.
For more information on Run Book Variables, see
SL1 supports only one value in this field. To avoid conflicts with other integrations, set this value to 'False' if your SL1 system has been integrated with another incident management system, e.g. ServiceNow.
- Click . You can now align this configuration object with one or more applications.
Aligning a Configuration Object and Configuring PowerFlow Applications
In PowerFlow, you will need to align the PowerFlow applications for PagerDuty with the relevant configuration object, and, if needed, update any other fields on the Configuration pane for the applications.
To run this SyncPack, you must "align" the configuration object you just created with the following PowerFlow applications:
- "Clear resolve event from ScienceLogic"
- "Get PagerDuty log and incident data"
- "Get resolve alert data from PagerDuty"
- "Get trigger alert data from PagerDuty"
- "Get alert and user data from PagerDuty and ScienceLogic"
- "Post event updates to ScienceLogic"
- "Create event in PagerDuty from SL1 event"
To align the configuration object with the relevant PowerFlow applications:
-
On the Applications page of the PowerFlow user interface, open one of the PowerFlow applications listed above and click . The Configurations pane for that application appears.
-
From the Configurations drop-down, select the configuration object you want to use.
The values for proxy_host and the other parameters that appear in the Configuration pane with a padlock icon () are populated either by the configuration object you aligned with the application or by the Run Book Action. Do not modify these values. If you encounter an error, make sure your Run Book Action is configured properly.
- Update any of the remaining fields on the Configurations pane as needed.
- Click .
- Repeat this process for the other PowerFlow applications.
Scheduling PowerFlow Applications
Using the "PagerDuty Incident Integration" PowerPack, you can optionally configure a single PowerFlow instance and single PagerDuty instance with multiple SL1 instances using the automation actions included in the PowerPack.
To run the automation, you must create a configuration object for each SL1 instance and schedule the "Get PagerDuty log and incident data" application.
You can create one or more schedules for a single application in the PowerFlow user interface. When creating each schedule, you can specify the queue and the configuration file for that application.
To create a schedule:
- On the Applications page (), click the button for the application you want to schedule. The Scheduler window appears.
- In the Schedule List pane, click the down arrow icon () next to an existing schedule to view the details for that schedule.
- In the Schedule Creator pane, complete the following fields for the default Frequency setting:
- Schedule Name. Type a name for the schedule.
- Frequency in seconds. Type the number of seconds per interval that you want to run the application.
- Custom Parameters. Type any JSON parameters you want to use for this schedule, such as information about a configuration file or mappings.
- To use a cron expression, click the Switch to Cron Expression toggle to turn it blue. If you select this option, you can create complicated schedules based on minutes, hours, the day of the month, the month, and the day of the week:
As you update the cron expression, the Schedule window displays the results of the expression in more readable language, such as Runs app: "Every 0 and 30th minute past every hour on Sat", based on 0,30 in the Minutes field and 6 in the Day of Week field.
- Click Schedule List pane. Also, on the Applications page, the button now displays with a dark blue background: . The schedule is added to the
After you create a schedule, it continues to run until you delete it. Also, you cannot edit an existing schedule, but you can delete it and create a similar schedule if needed.
To view or delete an existing schedule:
- On the Applications page, click the button for the application that contains a schedule you want to delete. The Scheduler window appears.
- Click the down arrow icon () to view the details of an existing schedule.
- To delete the selected schedule, click the Actions icon () and select .
On the Scheduler window for a PowerFlow application, you can click the button from the Schedule List pane to make a copy of an existing schedule.
When either multiple SL1 instance or multiple PagerDuty instances are involved with PowerFlow, you should create an individual configuration object for each SL1 or PagerDuty instance. Next, create an individual schedule for each configuration object. Each schedule should use a configuration object that is specific to that single SL1 or PagerDuty instance. Creating copies of a PowerFlow application from a SyncPack for the purpose of distinguishing between domains is not supported, and will result in issues on upgrades.