Severity and state mappings for Sysdig Monitor

Alert priority and resolution state mapping between Sysdig Monitor and Incident Response.

Sysdig Monitor alert priority mapping

Sysdig Monitor’s alert priority is based on one field in the payload.

The field of interest is severity.

| Sysdig Monitor payload field | Sysdig Monitor payload value | Incident Response alert priority value |
| --- | --- | --- |
| severity | 0 | P1-Critical |
| severity | 2 | P2-High |
| severity | 4 | P3-Moderate |
| severity | 6 | P5-Informational |

Sysdig Monitor resolution state mapping

The field of interest is state.

| Sysdig Monitor payload field | Sysdig Monitor payload value | Incident Response alert resolution state value |
| --- | --- | --- |
| state | OK | Closed |
| state | ACTIVE | New |

Note: If you require any other severity and state mappings, use the Generic webhook integration.