Destinations are the data outputs to Applied Intelligence, where you can view your automatically correlated incidents. You can configure Incident Intelligence destinations to send data to PagerDuty or webhooks. This document gives examples of destination templates, webhook formats, and JSON formats.
EOL NOTICE
As of October 2021, we've discontinued support for several capabilities with PagerDuty, including suggested responders, golden signals, and component enrichment. For more details, including how you can easily make this transition, see our Explorers Hub post.
Destination template examples
The following template example destinations are formatted in Jinja2.
{ "alias": {{ id }}, "message": {{ ui_name }}, "source": '{{ sources }}', "priority": {{ priority }}, "details": { "self_url": {{ url }}, "state": {{ state }}, "is_correlated": {{ is_correlated }}, "created_on": {{ created_on }}, "modified_on": {{ modified_on }}, "activated_on": {{ active_since }}, "closed_on": {% if closed_on is defined %} {{ closed_on }} {% else %} None {% endif %}, "is_correlated": {{ is_correlated }} }, "description": """Incidents [ {% for incident in incidents %} { "id": {{ incident.id }}, "events_count": {{ incident.events_count }}, "labels": {{ incident.labels }}, "title": {{ incident.title }}, "description": {{ incident.description }}, "state": {{ incident.state }}, "sources": {{ incident.sources }}, "modified_on": {{ incident.modified_on }}, "opened_on": {{ incident.opened_on }}, "closed_on": {{ incident.closed_on }} } {% if not loop.last %},{% endif %}{% endfor %} ]"""}{"short_description": {{ ui_name }},"description": 'Issue Id: {{ id }}, \n Description: {{ description }}, \n Sources: {{ sources }}, \n Priority: {{ priority }}, \n Details: { \n self_url: {{ url }}, \n state: {{ state }}, \n is_correlated: {{ is_correlated }}, \n created_on: {{ created_on }}, \n modified_on: {{ modified_on }}, \n activated_on: {{ active_since }}, \n closed_on: {% if closed_on is defined %} {{ closed_on }} {% else %} None {% endif %}, \n is_correlated: {{is_correlated}} }, \n\n incidents: {{ incidents }}, \n\n pathways: {{ pathways }}'}Go to Slack incoming WebHooks
Choose the right Slack workspace and click "Add to Slack"
Select the destination channel to receive the notifications to
Click “Add Incoming WebHooks Integration”
Copy the WebHook URL
In the next screen, click “Save settings” at the bottom.
In New Relic Applied Intelligence, under Incident Intelligence click Destinations
Add a WebHook
In the end point paste the WebHook url from slack.
In the custom payload, paste the following JSON:
{"blocks": [{"type": "section","text": {"type": "mrkdwn","text": "*New Relic Incident Intelligence Alert*"}},{"type": "divider"},{"type": "section","text": {"type": "mrkdwn","text": "*CUSTOM FIELDS*:"},"fields": [{"type": "mrkdwn","text": "*Issue ID*"},{"type": "mrkdwn","text": "*Issue Title*"},{"type": "plain_text","text": {{ id }}},{"type": "plain_text","text": {{ ui_name }}}]},{"type": "section","fields": [{"type": "mrkdwn","text": "*Issue URL*"},{"type": "mrkdwn","text": "*Description*"},{"type": "mrkdwn","text": {{ url }}},{"type": "plain_text","text": {{ description }}}]},{"type": "section","fields": [{"type": "mrkdwn","text": "*State*"},{"type": "mrkdwn","text": "*is_correlated*"},{"type": "plain_text","text": {{ state }}},{"type": "plain_text","text": "{{ is_correlated }}"}]},{"type": "section","fields": [{"type": "mrkdwn","text": "*Created On*"},{"type": "mrkdwn","text": "*Modified On*"},{"type": "plain_text","text": "{{ created_on }}"},{"type": "plain_text","text": "{{ modified_on }}"}]},{"type": "section","fields": [{"type": "mrkdwn","text": "*Activated On*"},{"type": "mrkdwn","text": "*Closed On*"},{"type": "plain_text","text": "{{ active_since }}"},{"type": "plain_text","text": "{% if closed_on is defined %} {{ closed_on }} {% else %} None {% endif %}"}]},{"type": "section","fields": [{"type": "mrkdwn","text": "*Aggregated Incidents*"},{"type": "mrkdwn","text": "*Monitoring Tool*"},{"type": "plain_text","text": "{{ incident_count }}"},{"type": "plain_text","text": {{ sources|join(', ') }}}]}]}
{ "monitoring_tool": {{ sources }}, {% if state == 'closed' %} "message_type": "OK", {% else %} "message_type": {{ priority }}, {% endif %}
"custom_fields": { "issue_url": {{ url }}, "description": {{ description }}, "state": {{ state }}, "is_correlated": {{ is_correlated }}, "created_on": {{ created_on }}, "modified_on": {{ modified_on }}, "activated_on": {{ active_since }}, "closed_on": {% if closed_on is defined %} {{ closed_on }} {% else %} None {% endif %}, "related_incidents": [ {% for incident in incidents %} { "id": {{ incident.id }}, "events_count": {{ incident.events_count }}, "labels": {{ incident.labels }}, "title": {{ incident.title }}, "description": {{ incident.description }}, "state": {{ incident.state }}, "sources": {{ incident.sources }}, "modified_on": {{ incident.modified_on }}, "opened_on": {{ incident.opened_on }}, "closed_on": {{ incident.closed_on }} } {% if not loop.last %},{% endif %} {% endfor %} ] }, "state_message": {{ description }}, "entity_id": {{ id }}, "entity_display_name": {{ ui_name }}, "vo_annotate.u.NRAI_Link": {{ url }}}Webhook and JSON format examples
Applied Intelligence will send the event body in JSON format via HTTPS POST. The system expects the endpoint to return a successful HTTP code (2xx). If you use webhooks to configure Incident Intelligence destinations, use these examples of the webhook body and JSON format.
Webhook format:
Name | Description |
|---|---|
Href | A link to the UI where the issue can be seen. |
String | Unique identifier for the issue. |
String | The issue title. |
String | The description of the issue. |
Enum | The issue priority. Can be Critical, High, Medium, or Low. |
Enum | The issue status. Can be Active, Closed, or Acknowledged. |
Boolean | True if the issue is based on correlated data. |
String | The date and time the issue was created (in ISO format). |
String | The date and time the issue was modified (in ISO format). |
String | The date and time the issue was activated (in ISO format). |
String | The date and time the issue was closed (in ISO format). |
List(String) | List of the different sources that were used to send the events into Applied Intelligence (for example: PagerDuty). |
List(Pathways) | List of pathways that are associated with the issue. Each pathway contains an id and name: |
String | The pathway ID. |
String | The pathway name. |
List(Incident) | List of incidents that are attached to the issue. The list contains only the latest 100 incidents. |
String | The incident ID. |
Integer | The number of events used to create the incident. |
String | The incident title. |
String | The incident description. |
Dictionary (String) | A string to string mapping of the incident labels. Labels represent the unique entities that are used to describe the incident. |
Enum | The incident priority. Can be Critical, High, Medium, or Low. |
List(String) | The incident source. |
Enum(open, closed) | The incident state. |
String | The date and time the incident was opened (in ISO format). |
String | The date and time the incident was closed (in ISO format). |
String | Issue title. |
String | Issue analysis summary golden signal/s (if applicable). |
String | Issue analysis summary golden components (if applicable). |
Applied Intelligence uses a templating framework called Jinja2 in the Webhook interface.
Here is a default Jinja2 payload to use:
{"id": {{ id }},"url": {{ url }},"ui_name": {{ ui_name }},"description": {{ description }},"priority": {{ priority }},"state": {{ state }},"is_correlated": {{ is_correlated }},"created_on": {{ created_on }},"modified_on": {{ modified_on }},"active_since": {{ active_since }},"closed_on": {% if closed_on is defined %} {{ closed_on }} {% else %} None {% endif %},"sources": {{ sources }},"incidents": {{ incidents }},"pathways": {{ pathways }},}Below are a few useful Jinja2 commands to help you format your output.
Casting a value to integer
Example:
“severity”: {{ priority | int }}If clause to check if an attribute’s value is set
Example:
"golden_signals": {% if accumulations['alert/signal'] is defined %} {{ accumulations['alert/signal'] }} {% else %} None {% endif %}For loop to iterate of an array of values:
Example:
"description": 'Incidents [ {% for incident in incidents %} { "id": {{ incident.id }}, "events_count": {{ incident.events_count }}, "labels": {{ incident.labels }}, "title": {{ incident.title }}, "description": {{ incident.description }}, "state": {{ incident.state }}, "sources": {{ incident.sources }}, "modified_on": {{ incident.modified_on }}, "opened_on": {{ incident.opened_on }}, "closed_on": {{ incident.closed_on }} } {% if not loop.last %},{% endif %}{% endfor %} ]'Check if an array attribute's value is set:
Example:
"hostname_field": {% if incidents[0].labels['newrelic/tag/hostname'] is defined %} {{ incidents[0].labels['newrelic/tag/hostname'] }} {% else %} None {% endif %}