Severity and state mappings for Zabbix
Alert priority and resolution state mapping between Zabbix and Incident Response.
Zabbix alert priority mapping
Zabbix’s alert priority is based on two fields in the payload. The fields of interest are:
- severity
- event_value
| Zabbix payload field | Zabbix payload value | Incident Response alert priority value |
|---|---|---|
| severity | Disaster | P1-Critical |
| High | P2-High | |
| Average | P3-Moderate | |
| Warning | P4-Low | |
| Information | P5-INFORMATIONAL | |
| Not classified | P5-INFORMATIONAL | |
| event_value | 0 | Clear/0 |
The default value for alert priority is P3-Moderate.
Zabbix resolution state mapping
The field of interest is: event_value
| Zabbix payload field | Zabbix payload value | Incident Response alert resolution state value |
|---|---|---|
| event_value | 0 | Closing |
| New |
Note: If you require any other severity and state mappings, use the
Generic webhook integration.