Sending alerts to Jira, creating ticket

Hi,
Is it possible somehow, using opendistro dev tools or any interface, to send alerts to Jira and create a ticket there?
Best Regards
Emil

Hi @emil.ask78,

You can create a new destination webhook and point it to Jira like so: Alert Custom Webhook:Jira Service Desk.
Then you can create a monitor and configure the trigger to have an action to send a message to your Jira webhook destination, so your alerts can be sent to Jira.

Thanks ashisagr-amzn,
I was able to ingest data to Jira.
Sharing with all, not to waste too much time on that:
Used DevTools -

  1. Create JIRA destination. You need to have a token generated in your Jira system for authentication.
    POST _opendistro/_alerting/destinations
    {
      "type": "custom_webhook",
      "name": "to_JIRA_API",
      "custom_webhook": {
        "header_params": {
          "Content-Type": "application/json",
          "Authorization": "Bearer MXCVXC@#XXXXXXXXXXXXXXXXX"
        },
        "scheme": "HTTPS",
        "method": "POST",
        "port": 443,
        "url": "https://jira.website.com/rest/api/2/issue",
        "host": "jira.website.com"
      }
    }

Sample output:

    {
      "_id" : "NkSWSH8Brhnq8E_9AIip",
      "_version" : 1,
      "_seq_no" : 574,
      "_primary_term" : 15,
      "destination" : {
        "id" : "",
        "type" : "custom_webhook",
        "name" : "DDI_JIRA_apis",
        "user" : {
          "name" : "me",
          "backend_roles" : [
            "i-role"
          ],
          "roles" : [
            "own_indexes"
          ],
          "custom_attribute_names" : [ ],
          "user_requested_tenant" : null
        },
        "schema_version" : 3,
        "seq_no" : 0,
        "primary_term" : 0,
        "last_update_time" : 1646190264488,
        "custom_webhook" : {
          "path" : null,
          "header_params" : {
            "Authorization" : "Bearer MXCVXC@#XXXXXXXXXXXXXXXXX",
            "Content-Type" : "application/json"
          },
          "password" : null,
          "scheme" : "HTTPS",
          "method" : "POST",
          "port" : 443,
          "query_params" : { },
          "host" : "jira.website.com",
          "url" : "https://jira.website.com/rest/api/2/issue",
          "username" : null
        }
      }
    }

  2. Create the monitor using the ID (NkSWSH8Brhnq8E_9AIip - from the above sample). It has two actions - email and Jira. For the email ID, check your destinations.

    POST _opendistro/_alerting/monitors
    {
      "type": "monitor",
      "name": "Found text",
      "enabled": true,
      "schedule": {
        "period": {
          "interval": 1,
          "unit": "HOURS"
        }
      },
      "inputs": [{
        "search": {
          "indices": ["logs*"],
          "query": {
            "size": 1,
            "track_total_hits": true,
            "aggregations": {},
            "query": {
              "bool": {
                "filter": [
                  {
                    "match_phrase": {
                      "message": "sample text"
                    }
                  },
                  {
                    "range": {
                      "@timestamp": {
                        "gt": "now-1h"
                      }
                    }
                  }
                ]
              }
            }
          }
        }
      }],
      "triggers": [{
        "name": "trigger-jira-email",
        "severity": "1",
        "condition": {
          "script": {
            "source": "ctx.results[0].hits.total.value > 0",
            "lang": "painless"
          }
        },
        "actions": [
          {
            "name": "Email action",
            "destination_id": "YEEukX4Brhnq8E_9A53t",
            "message_template": {
              "source": "Hello team,\n\nOpendistro Alert - text found!\n\nHere are the details for the last 1 hour period:\n- Monitor Name: {{ctx.monitor.name}}\n- Log count: {{ctx.results.0.hits.total.value}} ({{ctx.results.0.hits.hits.0._source.hostname-ip}})\n- Period start: {{ctx.periodStart}}\n- Period end: {{ctx.periodEnd}}\n\nBest regards,\nNet-Team"
            },
            "throttle_enabled": false,
            "throttle": {
              "value": 10,
              "unit": "MINUTES"
            },
            "subject_template": {
              "source": "For the last 1 hour period, found sample text from source {{ctx.results.0.hits.hits.0._source.hostname}}"
            }
          },
          {
            "name": "Jira action",
            "destination_id": "NkSWSH8Brhnq8E_9AIip",
            "message_template": {
              "source": """{ "fields": { "project":{"key": "NET"},"summary": "For the last 1 hour period, found sample text from source {{ctx.results.0.hits.hits.0._source.hostname}}","description": "Hello team,\n\nOpendistro Alert - text found!\n\nHere are the details for the last 1 hour period:\n- Monitor Name: {{ctx.monitor.name}}\n- Log count: {{ctx.results.0.hits.total.value}} ({{ctx.results.0.hits.hits.0._source.hostname-ip}})\n- Period start: {{ctx.periodStart}}\n- Period end: {{ctx.periodEnd}}\n\nBest regards,\nNet-Team","issuetype": {"name": "Support"},"customfield_119": {"id": "137"} } }"""
            },
            "throttle_enabled": false,
            "throttle": {
              "value": 10,
              "unit": "MINUTES"
            }
          }
        ]
      }]
    }

  3. Execute to get results:
    POST _opendistro/_alerting/monitors/ID_from_above_result/_execute

Regards/emil

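Added example, not part of the original posts: the destination response shown in the thread returns the `Authorization` header exactly as stored, so a pasted or logged copy of it carries the Jira token. The Python helper below masks credential-bearing fields of a `custom_webhook` destination document before it is shared; the function names, the `MASK` string and the list of sensitive header names are assumptions, and the sample document is constructed from the field names in the thread.

```python
import copy
import json
from urllib.parse import urlsplit, urlunsplit

# Assumption: header names treated as credential-bearing (not an OpenDistro list).
SENSITIVE_HEADERS = {"authorization", "proxy-authorization", "x-api-key", "cookie"}
MASK = "***REDACTED***"

def scrub_url(url):
    """Drop user:password@ from the URL and mask every query-string value."""
    parts = urlsplit(url)
    host = (parts.hostname or "") + (f":{parts.port}" if parts.port else "")
    query = "&".join(f"{p.split('=', 1)[0]}={MASK}" for p in parts.query.split("&") if p)
    return urlunsplit((parts.scheme, host, parts.path, query, parts.fragment))

def redact_destination(doc):
    """Return a deep copy of a destination request/response with secrets masked."""
    out = copy.deepcopy(doc)
    dest = out.get("destination", out)      # response wraps it, request does not
    hook = dest.get("custom_webhook") or {}
    for name in list(hook.get("header_params") or {}):
        if name.lower() in SENSITIVE_HEADERS:
            hook["header_params"][name] = MASK
    for name in list(hook.get("query_params") or {}):
        hook["query_params"][name] = MASK
    if hook.get("password"):
        hook["password"] = MASK
    if hook.get("url"):
        hook["url"] = scrub_url(hook["url"])
    return out

# Constructed sample: field names follow the thread's response; the token,
# userinfo and query string are made up to exercise each masking rule.
SAMPLE = {
    "_id": "EXAMPLE_ID",
    "destination": {
        "type": "custom_webhook", "name": "to_JIRA_API",
        "custom_webhook": {
            "header_params": {"Authorization": "Bearer EXAMPLE-TOKEN",
                              "Content-Type": "application/json"},
            "password": None,
            "query_params": {},
            "url": "https://user:pw@jira.website.com/rest/api/2/issue?token=abc",
        },
    },
}

if __name__ == "__main__":
    print(json.dumps(redact_destination(SAMPLE), indent=2))
```

Masking a copy does not change what the cluster stores: anyone allowed to read the destination still sees the token, so read access to destinations should be limited accordingly.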