Research bi-directional action types #56396
Comments
mikecote
added
Feature:Alerting
Team:ResponseOps
|
Pinging @elastic/kibana-alerting-services (Team:Alerting Services) |
|
Let's get some use-cases listed! here's one: from #51636 (comment) :
We don't have "Ack"ing for alerts yet, but we do have mute/un-mute/throttle kinda stuff. At the previous job, we had some Slack alerts that did this kind of thing, was SUPER useful to be able to silence a wall of noise in Slack, right from Slack. |
|
Things to think about in this context: Just some things that crossed my mind reading the issue. |
Great questions about ACKing, which AFAIK is not related at all to bi-directional action types. We should probably open up a separate discuss issue on ACKing alerts when we're ready to discuss it ... |
|
Haha, fair enough... you brought it up ;) |
|
Another use case: Update a document in Kibana when a ServiceNow case has been closed. The bi-directionality here would be to check the case on an interval basis until a condition is met, then update document in Kibana. The challenge here is to keep the credentials (API Key) of the person who originally invoked the action to lookup the case's status at a future time. |
|
Example from @alexfrancoeur
|
|
There are many out there, but here's one example from OpsGenie. If we intend to eventually introduce ownership and acknowledgement natively from Kibana alerts, supporting this use case and functionality probably makes sense. Otherwise, we can defer to third party tools (like OpsGenie or PagerDuty)
|
|
Closing issue and merging with #51636. |
Research what it would take to accomplish #51636.
The text was updated successfully, but these errors were encountered: