ElastAlert
Enhance incident management with our comprehensive guide on configuring Elastic integration using ElastAlert and Squadcast. Streamline your processes and stay prepared to tackle incidents effectively.
Follow the steps below to configure a service so as to extract its related alert data from ElastAlert.
Squadcast will then process this information to create incidents for this service as per your preferences.
Using ElastAlert as an Alert Source
1. Navigate to Services -> Service Overview -> select or search for your Service. Expand the accordion -> In the Alert Sources section, click Add.

2. Select ElastAlert. Copy the displayed Webhook URL to configure it within ElastAlert. Finish by clicking Add Alert Source -> Done.

Important:
When an alert source turns Active, it'll show up under Configured Alert Sources. You can either generate a test alert from the integration or wait for a real-time alert to be generated by the Alert Source. An Alert Source is active if there is a recorded incident via that Alert Source for the Service.
Setup Squadcast Alerter in ElastAlert
For details about how to configure ElastAlert to send alerts, refer to Running ElastAlert for the First Time.
Configuration variables in rules YAML file
alert: post
http_post_url: <ElastAlert Webhook URL copied from Squadcast dashboard>
http_post_static_payload:
  Title: <Incident Title>
http_post_all_values: true

For more details on the post alert type, refer to HTTP Post Alert Type - ElastAlert.
Now, whenever ElastAlert triggers an alert according to the defined rules, it automatically creates an incident in Squadcast. However, the incident must be resolved manually from the Squadcast dashboard.
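To see what the rule above sends to the webhook, the following added example (not part of the Squadcast or ElastAlert documentation) builds the JSON body for one match and can post it as a test alert. The names `RULE`, `SAMPLE_MATCH`, `build_payload` and `send_test_alert`, the placeholder URL, the sample match and the HTTPS check are assumptions made for illustration; the payload assembly reflects how the post alert type is understood to combine the match with `http_post_static_payload`.

```python
import json
import urllib.request

# Mirrors the rule keys shown above; the URL is a placeholder, not a real endpoint.
RULE = {
    "http_post_url": "https://example.invalid/squadcast-webhook-placeholder",
    "http_post_static_payload": {"Title": "High 5xx rate on checkout API"},
    "http_post_all_values": True,
}

# Constructed sample match (one Elasticsearch document that triggered the rule).
SAMPLE_MATCH = {
    "@timestamp": "2024-01-01T00:00:00Z",
    "host": "web-01",
    "status": 503,
    "num_hits": 12,
}


def build_payload(rule, match):
    """Assemble the JSON body for one match (assumed post alerter behaviour)."""
    # http_post_all_values: true -> every field of the match is included.
    payload = dict(match) if rule.get("http_post_all_values") else {}
    # Static fields are applied last, so they override same-named match fields.
    payload.update(rule.get("http_post_static_payload", {}))
    return payload


def send_test_alert(rule, match, timeout=10):
    """POST the payload to the webhook and return the HTTP status code."""
    url = rule["http_post_url"]
    # Added check (assumption): the webhook URL acts as a credential, so require TLS.
    if not url.startswith("https://"):
        raise ValueError("webhook URL must use https")
    req = urllib.request.Request(
        url,
        data=json.dumps(build_payload(rule, match)).encode("utf-8"),
        headers={"Content-Type": "application/json"},
        method="POST",
    )
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return resp.status


if __name__ == "__main__":
    # Prints the body only; call send_test_alert() once the real URL is set.
    print(json.dumps(build_payload(RULE, SAMPLE_MATCH), indent=2))
```

With `http_post_all_values: true`, every field of the matched document appears in the incident payload alongside `Title`.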