Splunk Observability integration with Incident Response

Splunk Observability Cloud provides monitoring and troubleshooting for your applications. Your detectors monitor your applications and trigger alerts based on conditions you define in rules, and Incident Response ensures that the right people are working on these alerts.

What does Lightstep Incident Response offer Splunk Observability users?

Alerts in Splunk Observability trigger alerts in Incident Response. You can add Splunk Observability as a new service or attach its alert remediation capabilities to an existing service.

Incident Response acts as a handler for these alerts and determines the right people to notify based on escalation policies, previously provided points of contact, and on-call schedules. Users are notified based on their notification preferences. Alerts are escalated until they are acknowledged or closed.

Functionality of the integration

When an alert is triggered in Splunk Observability, Lightstep Incident Response receives the event data from Splunk Observability as a JSON payload and creates a corresponding alert in Incident Response.