Splunk On-Call Integration

From OSNEXUS Online Documentation Site
Revision as of 02:52, 16 March 2022 by Qadmin (talk | contribs) (→‎Step 6 - Apply Changes and Test)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search


Splunk On-Call (aka victorops) is a cloud based ITSM (IT Service Management) system for IT organizations to manage their support process and ticketing. Quantastor integrates via a webhook API URL which must be added to the QuantaStor Alert Manager screen as a new Alert Endpoint.

Step 1 - Add REST Generic Integration

Login to your Splunk On-Call account then navigate to the Integrations section.

Select the "REST Generic" integration which is listed in the Featured integrations section.

Step 2 - Copy the API Key

The Generic REST API provides a URL that looks like this which you will use later to add into your QuantaStor system as an Alert Webhook. The URL looks like this but the part that says $routing_key must be replace with your Routing Key. 

https://alert.victorops.com/integrations/generic/20131114/alert/e884cbc2-1481-4e7c-b38a-c4f03946d913/$routing_key

Step 3 - Create a Routing Key

Navigate to the Settings -> Routing Keys section within your Splunk On-Call account then click the Add Key button to generate a new routing key. You can name your routing key anything you like such as 1234123412341234 or QUANTASTORGRID

Step 4 - Assemble Webhook URL

QuantaStor needs the API Key from step two combined with a routing key from Step 4, when combined your webhook URL should look something like this where QUANTASTORGRID is your Routing Key in this example: 

https://alert.victorops.com/integrations/generic/20131114/alert/e884cbc2-1481-4e7c-b38a-c4f03946d913/QUANTASTORGRID

Step 5 - Add Webhook URL to QuantaStor

Login to your QuantaStor storage grid and then select the "Alert Manager" button to bring up the dialog for adding more alert endpoints. On the second page select "splunkoncall" from the dropdown list of ITSM integrations and then input the URL endpoint you assembled per the instructions on Step 4.


Step 6 - Apply Changes and Test

Apply your changes then use the "Generate Test Alert" button to generate a test alert to verify everything is configured correctly and Incidents are making it to Splunk On-Call. Note that "INFO" level alerts are not sent to the ITSM modules so be sure to generate a "WARNING" or "ERROR" level alert for testing.

To view your test alerts in Splunk On-Call login to your account and navigate to the Incidents section.

Retrieved from "https://wiki.osnexus.com/index.php?title=Splunk_On-Call_Integration&oldid=20287"