Incident.io
Incident.io is an incident management platform that helps customers declare, collaborate, communicate around and learn from events that disturb their normal course of business - from critical infrastructure being down, to data breaches and security incidents.
This guide explains how to receive incident.io alerts from Monte Carlo alerts.
Setting up Incident.io notifications
- Visit the notification settings page.
- Create an audience or edit an existing audience.
- Name the Audience and select incident.io as the Recipient channel.
- Enter the destination incident.io URL from incident.io and token if applicable.
- [Optional] Name this recipient, as a single audience can have multiple recipients.
- Create audience.
Alert events and updates
The following events receive an update to incident.io:
- Alert is created
- Alert is acknowledged
- Alert status is updated
- Alert owner is changed
- External ticket is attached to an alert (Jira, ServiceNow, etc.)
- Alert is marked as incident
- Alert is unmarked as incident
- Alert is resolved
The following are the key fields that are changed by alert updates.
| Webhook event | alert_feedback | declared_alert_severity | owner |
|---|---|---|---|
| Alert is created | null | null | not included in payload |
| Alert is acknowledged | investigating | -- | -- |
| Alert status is updated | investigating, no_status, work_in_progress, fixed, expected, no_action_needed, false_positive | -- | -- |
| Alert owner is changed | -- | -- | email of assigned owner |
| External ticket is attached to an alert | -- | -- | -- |
| Alert is marked as incident | investigating (only if current is null or no_status) | SEV-1, SEV-2, SEV-3, SEV-4 | -- |
| Alert is unmarked as incident | -- | null | -- |
| Alert is resolved | fixed, expected, no_action_needed, false_positive | -- | -- |
Updated 4 months ago