Configure the webhook in Elastic Observability
Configure webhook endpoints so that Elastic Observability can use the endpoint to communicate with Incident Response.
Before you begin
Role required: Responder, Manager, or Administrator
About this task
Note: While this integration with a third-party product is
supported, the documentation here is based upon information provided by that third-party.
More current information about the operation of that third-party’s system may be available
from them directly.
Procedure
What to do next
Add the webhook connector to the alerts that you want Lightstep Incident Response to handle.
- To create alert rules related to Observability apps, go to the Observability Alerts page and click Manage Rules to navigate to the Rules page.
- In the Rules page, you can create alerts for Observability apps (Logs, Metrics, Uptime, and APM app) and Stack Monitoring. You can also create rules directly from the Logs, Metrics, Uptime, and APM apps without leaving the app by clicking Alerts and rules and selecting a rule, or you can select Manage Rules to go to the Rules page.
- Enter the condition that will trigger the alert.
- From the Actions section in the alert rule page, select Webhook connector.
- From the Run when list, select a suitable option.
- From the Webhook connector list, select the webhook connector that you configured for Incident Response.
- In the body, paste the payload that you copied from Incident Response.
- You can set your severity in the payload against the severity parameter. For example, "severity": "minor". Otherwise the default severity will be mapped to the alert rule once the alert is triggered.
- Click Save.
For more information about configuring alerts in Elastic Observability, see Alerting.