Severity and state mappings for Icinga2
Alert priority and resolution state mapping between Icinga2 and Incident Response.
Icinga2 alert priority mapping
Icinga2's alert priority is based on one field in the payload.
The field of interest is alert_state.
| Icinga2 payload field | Icinga2 payload value | Incident Response alert priority value |
|---|---|---|
| alert_state | Up | Clear/0 |
| Down | P1-Critical | |
| Critical | P1-Critical | |
| Unknown | P4-Low | |
| Warning | P4-Low | |
| Ok | Clear/0 |
Icinga2 resolution state mapping
The field of interest is alert_notification_type.
| Icinga2 payload field | <prod_name> payload value | Incident Response alert resolution state value |
|---|---|---|
| alert_notification_type | PROBLEM | New |
| RECOVERY | Closing |
Note: If you require any other severity and state mappings, use the
Generic webhook integration.