Icinga
Icinga delivers software for monitoring and managing networks and systems. This workflow lets you send actionable alerts to on-call resources when xMatters gets a signal from Icinga. Responders can initiate an incident with the press of a button, or you can build on the flow to perform automated resolution tasks.
How it works
When an alert is generated in Icinga, it sends a JSON-formatted webhook to xMatters, based on user-defined alert rules. An Icinga trigger in xMatters parses the webhook and initiates a flow. The webhook includes essential alert data you can use to enrich notifications to users or when building automated tasks.
Install the workflow
The following instructions describe how to install the workflow through the xMatters one-click installation process. If you already installed the previous, built-in version of the integration, you can find instructions here.
- Go to the Workflow Templates page and click the Icinga tile.
- On the Set up the Workflow tab, give the workflow a name that identifies its purpose (this must be unique in your instance), add an optional description, and set the default incident type (if applicable). Any built-in Initiate Incident steps in the workflow will automatically be set to the selected incident type.
- You can edit these later, if needed.
- You can edit these later, if needed.
- Click Next to set up the connection.
- Choose the authentication method. A trigger URL is generated based on the selected authentication method.
- Copy the trigger URL — you’ll use this to configure the webhook in Icinga.
- The trigger URL includes the recipients parameter, which specifies who should be notified. By default, this parameter is set to notify you (the logged in user), but you can set it to target any user or group you want.
- The trigger URL includes the recipients parameter, which specifies who should be notified. By default, this parameter is set to notify you (the logged in user), but you can set it to target any user or group you want.
- Send a test signal to the trigger URL to test the connection.
- Click Open Workflow to view and customize the workflow, or Close to return to the Workflows page.
Configure Icinga to send requests to the trigger URL
The following instructions describe how to configure Icinga to send signals to your triggers.
- Download the xm-host-notification.sh, xm-service-notification.sh, and xmatters-plugin.conf files to your computer.
- Go to the location of your Icinga scripts folder. For example: /etc/icinga/scripts.
- Add both shell files to the scripts folder.
- If you're using Basic Authentication, open each shell file and add -u <username>:<password> to the cURL command and insert your username and password. For example:
#!/bin/shecho
"Sending xMatters host notification."
curl -i \
-u <mmcbride>:<SecurePwd!!>
-H "Content-Type: application/json" \
- If you're using Basic Authentication, open each shell file and add -u <username>:<password> to the cURL command and insert your username and password. For example:
- Save your changes to the shell files, if required.
- Open the xmatters-plugin.config file in a text editor.
- On the XM_INTEGRATION_URL line replace <YOUR_HOST_TRIGGER_URL> and <YOUR_SERVICE_TRIGGER_URL> with the URL you copied from the Icinga trigger in Flow Designer.
object NotificationCommand "xm-host-notification" {
command = [ SysconfDir + "/icinga2/scripts/xm-host-notification.sh" ]
env = {
ADDRESS = "$address$"
HOSTDISPLAYNAME = "$host.display_name$"
HOSTNAME = "$host.name$"
HOSTOUTPUT = "$host.output$"
HOSTSTATE = "$host.state$"
HOSTSTATETYPE = "$host.state_type$"
LASTHOSTSTATECHANGE = "$host.last_state_change$"
NOTIFICATIONAUTHOR = "$notification.author$"
NOTIFICATIONCOMMENT = "$notification.comment$"
NOTIFICATIONTYPE = "$notification.type$"
SHORTDATETIME = "$icinga.short_date_time$"
XM_INTEGRATION_URL = <YOUR_HOST_TRIGGER_URL>
}
}
object NotificationCommand "xm-service-notification" {
command = [ SysconfDir + "/icinga2/scripts/xm-service-notification.sh" ]
env = {
ADDRESS = "$address$"
HOSTNAME = "$host.name$"
LASTSERVICESTATECHANGE = "$service.last_state_change$"
NOTIFICATIONAUTHOR = "$notification.author$"
NOTIFICATIONCOMMENT = "$notification.comment$"
NOTIFICATIONTYPE = "$notification.type$"
SERVICEDISPLAYNAME = "$service.display_name$"
SERVICENAME = "$service.name$"
SERVICEOUTPUT = "$service.output$"
SERVICESTATE = "$service.state$"
SERVICESTATETYPE = "$service.state_type$"
SHORTDATETIME = "$icinga.short_date_time$"
XM_INTEGRATION_URL = <YOUR_SERVICE_TRIGGER_URL>
}
} - Add the target names of any recipients you want to notify when the notification fires.
- For URL authentication, use an ampersand to attach recipients. For example, if you want to notify Emma Pearson and the on-call members in the group responsible for the Antares service, you'd add &recipients=epearson,antares to the end of the URL.
- For other authentication types, use a question mark to attach recipients. For example, if you want to notify Barry Gull and the on-call members in the group responsible for the Cassiopeia service, you'd add ?recipients=bgull,cassiopeia to the end of the URL.
- You must URL-encode any special characters or spaces in the target names.
- Save the file.
- Move the xmatters-plugin.config file to your Icinga config file folder. For example: /etc/icinga/conf.d.
- Optional: If you have any other Icinga notification attributes, you can add them to the env part of the xmatters-plugin.conf file. You must then update the cURL commands in the shell scripts for each host/service to match.
Now add the notification to any Icinga host you want to monitor.
- Go to the location of your Icinga hosts. For example: /etc/icinga2/conf.d/hosts.conf.
- Add the following code to each host.
Copy
vars.notification["xm"] = {
groups = [ "icingaadmins" ]
} - Restart your Icinga service so all changes are captured and applied.
You're ready to use the webhook to trigger automated flows, including steps such as sending alerts and initiating incidents, though we always recommend testing before putting things into use.
Set recipients in the trigger URL
The trigger expects the recipients in the trigger URL. When you copy the URL from xMatters, it includes the recipients parameter: recipients=<yourname>. Of course, you don’t want to receive all the alerts.
To change the recipients for alerts from this webhook, swap out your name for the people or groups you want to target.
- For URL authentication, use an ampersand to attach recipients. For example, if you want to notify Emma Pearson and the on-call members in the group responsible for the Antares service, you'd add &recipients=epearson,antares to the URL.
- For other authentication types, use a question mark to attach recipients. For example, if you want to notify Barry Gull and the on-call members in the group responsible for the Cassiopeia service, you'd add ?recipients=bgull,cassiopeia to the URL.
Remember to URL-encode any special characters, including spaces, in your group names.
We recommend using groups so you can take advantage of the xMatters group features — rotations, escalations, and absences — to reach the right on-call people to jump on an issue.
How to use the workflow
When a condition you've set fires, it sends a signal to xMatters, which creates an alert and notifies the individual or the on-call members of the people or groups you set as recipients in the webhook URL. When the trigger receives a signal saying the issue is resolved, it automatically terminates related alerts in xMatters.
Notification responses and associated actions
The person responding to the notification has the following response options:
- Acknowledge: Acknowledges the notifications and stops escalations.
- Escalate: Immediately escalates the alert to the next on-call resolver in a targeted group.
- Close: Ends the xMatters alert and stops notifying all targeted recipients.
- Initiate Incident: Initiates an incident in xMatters.
Next Steps
Now that you've installed the workflow, you can use it as-is, or customize it to suit your needs better. Here are some examples of things you can add to the workflow to customize it:
- Use Slack, Zoom, and Microsoft Teams steps to add collaboration channels to the flow.
- Change the severity of incidents created when a recipient selects the Initiate Incident response.
- Update the message sent to resolvers to include the information most relevant to your team.
Previous versions
While the previous, built-in version of this integration is no longer available, the instructions for it are included below for anyone who has it installed in their system already.
Previous Icinga integration instructions
Icinga delivers software for monitoring and managing networks and systems. When events meet predetermined criteria, this integration with xMatters relays critical Icinga insight data to the correct people and systems to help coordinate and resolve incidents faster.
xMatters automates communications by integrating people into your toolchains so you can proactively prevent outages, rapidly engage resolvers, manage major incidents, and keep stakeholders informed.
Do more with this integration
Incorporate this integration into your orchestrated incident resolution workflows with Flow Designer. After you create a configuration, the Flows tab appears. From there, you can build your flows — add new response options, connect to other apps, or even create new xMatters alerts based on activities in the flow — enriching the information injected by this integration along the way.
Get started with Icinga
This integration takes advantage of the API available in Icinga 2 to deliver additional features and options that are not available in Icinga 1.
How to install a built-in workflow
To install this integration in xMatters, simply go to Workflow Templates on the Workflows tab and start typing the name of the integration you're looking for to filter the list. Once you find it, click its tile then click Next to get to the configuration screen.
How to set up an Icinga configuration
You'll need a few configuration files for your Icinga system; you can download them from here:
After you give your configuration a name and description, type a name to use when sending alerts (so you can easily tell which configuration or integration the alerts are from), and add all of the people or groups you want to be notified.
This integration also requires some extra configuration information:
- Icinga API Base URL: The URL of your Icinga system that xMatters can use to post requests back to Icinga.
- Icinga API User: The user name of an Icinga user that can grant xMatters access to the Icinga API.
- Icinga API Password: The Icinga API User's password.
Once you save the configuration, xMatters displays the settings you need to configure Icinga:
You can now download and configure the components in Icinga, and use this URL for the value of the XM_INTEGRATION_URL variable.
How to install and configure the integration components in Icinga.
- If you haven't already, download the following configuration files (click a link to start the download):
- Copy the xmatters-plugin.conf file to the same location as your other Icinga conf files, and then open it in a text editor.
- Locate both of the XM_INTEGRATION_URL variables, and set their values to the URL shown in the configuration page in xMatters.
- Save and close the .conf file.
- Copy the shell scripts to the icinga2/scripts folder in your Icinga installation, and give both scripts "execute" permissions.
- Add the following code to each host that you want to be able to send signals to xMatters (replace "icingaadmins" with the name of any Icinga group that has permission to send notifications):
vars.notification["xm"] = {
groups = [ "icingaadmins" ]
}
- Once you've added the code to your hosts, restart Icinga to apply the changes.
Your integration is now complete!
Now, whenever a check is triggered on one of your hosts, Icinga will send a signal to xMatters via the shell script to notify the selected recipients. If you select the "Schedule 60min Downtime" response, xMatters will send a signal back to Icinga to ignore events concerning that resource for the next hour.
How to use this integration
To trigger a notification, bring down or interrupt one of the services or network resources being monitored by a host configured to send signals to xMatters. Icinga will send the event details to xMatters, which will notify the recipients specified on the configuration page. Recipients can select from the following response choices:
- Acknowledge: assigns the issue to the responder, and stops notifying other recipients about the alert.
- Schedule 60min Downtime: assigns the issue to the responder, stops notifying other recipients, and tells Icinga not to send anymore notifications involving the server that triggered the event for the next 60 minutes.
- Close: stops notifying all recipients and terminates the alert.
- Escalate: stops notifying the responder about the alert, and immediately escalates the notification to the next available group member defined in xMatters.
You can see full details of all notifications and responses on the Reports tab in the xMatters web user interface.
Extending your integration
Looking to do more with xMatters and Icinga? If you want to tailor the settings and notifications for the integration, you can convert it to a custom workflow.