Splunk On-Call Integration

From OSNEXUS Online Documentation Site
Revision as of 19:42, 15 March 2022 by Qadmin (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search


Splunk On-Call (aka victorops) is a cloud based ITSM (IT Service Management) system for IT organizations to manage their support process and ticketing. Quantastor integrates via a webhook API URL which must be added to the QuantaStor Alert Manager screen as a new Alert Endpoint.

Step 1 - Add REST Generic Integration

Login to your Splunk On-Call account then navigate to the Integrations section.

Select the "REST Generic" integration which is listed in the Featured integrations section.

Step 2 - Copy the API Key

The Generic REST API provides a URL that looks like this which you will use later to add into your QuantaStor system as an Alert Webhook. The URL looks like this but the part that says $routing_key must be replace with your Routing Key. 

https://alert.victorops.com/integrations/generic/20131114/alert/e884cbc2-1481-4e7c-b38a-c4f03946d913/$routing_key



Step 2 - Add the Service Desk Endpoint to QuantaStor

Login to your QuantaStor storage grid and then select the "Alert Manager" button to bring up the dialog for adding more alert endpoints. On the second page select "solarwinds" from the dropdown list of ITSM integrations and then input the URL endpoint.

All Solarwinds Service Desk endpoints must start with this HTTPS URL as the prefix: 

https://api.samanage.com/incidents/

Continuing the example above the full URL endpoint to put into QuantaStor will look like this with the JSON Web Token appended: 

https://api.samanage.com/incidents/c3RldmVuLnVtYmVob2NrZXJAb3NuXh1cy5jb20=:eyJhbGciOiJIUzxMiJ9.eyJ1c2VyX2lkIjo4MDYyDY1LCJnZ5lcmF0ZWRfYXQiOiIyMDIyLTAzLTE1IDAyOjAyOjQ5In0.wmOgU313QOYteRkoRP3C7MBesPZhvKibktILXEiPBCBKM7sQ5VdeMR1wBcOtuGtJNyFSXrrIZaVxQxDn09yk1Q

Step 3 - Apply Changes and Test

Apply your changes then use the "Generate Test Alert" button to generate a test alert to verify everything is configured correctly and alerts are making it to Service Desk. Note that "INFO" level alerts are not sent to the ITSM modules so be sure to generate a "WARNING" or "ERROR" level alert for testing.

To view your test alerts in Service Desk login to your account and navigate to Service Desk -> Incidents

Retrieved from "https://wiki.osnexus.com/index.php?title=Splunk_On-Call_Integration&oldid=20282"