Flashduty Docs
中文EnglishRoadmapAPI官网控制台
中文EnglishRoadmapAPI官网控制台
  1. Integrations
  2. Webhooks
  • Getting Started
    • Introduction
    • Quick start
    • FAQ
    • Product Comparison
  • Incidents
    • What is an Incident
    • View Incidents
    • Handle Incidents
    • Escalations and Assignments
    • Custom Fields
    • Custom Actions
    • Alert Noise Reduction
    • Past Incidents
    • Outlier Incidents
  • Configure Flashduty
    • Channels
    • Integrate Alerts
    • Alert Noise Reduction
    • Escalation Rules
    • Label Enrichment
    • Schedules
    • Templates
    • Service Calendars
    • Preferences
    • Alert Routing
    • Silence and Inhibition
    • Filters
    • Notification Bots
    • Alert Pipeline
  • Platform
    • Teams and Members
    • Permissions
    • Single Sign-On
    • Insights
  • Advanced Features
    • Referencing Variables
    • Dynamic Assignment
  • Integrations
    • Alerts integration
      • Standard Alert Integration
      • Email Integration
      • Nightingale/FlashCat Integration
      • Prometheus Integration
      • Grafana Integration
      • Zabbix Integration
      • Uptime Kuma Integration
      • Alibaba Cloud ARMS Integration
      • Alibaba Cloud Monitor CM Event Integration
      • Alibaba Cloud Monitor CM Metrics Integration
      • Alibaba Cloud SLS Integration
      • AWS CloudWatch Integration
      • Azure Monitor Integration
      • Baidu Cloud BCM Integration
      • Huawei Cloud CES Integration
      • Influxdata Integration
      • Open Falcon Integration
      • PagerDuty Integration
      • Tencent BlueKing Integration
      • Tencent Cloud CLS Integration
      • Tencent Cloud Monitor CM Integration
      • Tencent Cloud EventBridge
      • OceanBase Integration
      • Graylog Integration
      • Skywalking Integration
      • Sentry Integration
      • Jiankongbao Integration
      • AWS EventBridge Integration
      • Dynatrace Integration
      • Huawei Cloud LTS Integration
      • GCP Integration
      • Splunk Alert Events Integration
      • AppDynamics Alert Integration
      • SolarWinds Alert Events Integration
      • Volcengine CM Alert Events Integration
      • Volcengine CM Event Center Integration
      • Volcengine TLS Integration
      • OpManager Integration
      • Meraki Integration
      • Keep Integration
      • ElastAlert2 Alert Integration
      • StateCloud Alert Events
      • Guance Alert Events
      • Zilliz Alert Events
      • Huawei Cloud APM Alerts
      • zstack integration
    • Change integration
      • Standard Change Event
      • Jira Issue Events
    • IM integration
      • Feishu (Lark) Integration Guide
      • Dingtalk Integration
      • WeCom Integration
      • Slack Integration
      • Microsoft Teams Integration
    • Single Sign-On
      • Authing Integration
      • Keycloak Guide
      • OpenLDAP Guide
    • Webhooks
      • Alert webhook
      • Incident webhook
      • Costom action
  • Terms
    • Terms of Service
    • User Agreement/Privary Policy
    • SLA
  1. Integrations
  2. Webhooks

Incident webhook

Configure incident webhooks to receive HTTP callbacks at your specified URL when incidents have specific actions (such as triggering or closing). The callback content includes the latest key information about the incident, allowing integration with your custom tools.

I. Event Types#

The following event types are currently supported, with more potentially being added in the future.
Event TypeDescription
i_newCreate incident (automatically or manually)
i_assignAssign incident (automatically or manually)
i_snoozeManually snooze incident
i_wakeUnsnooze incident
i_ackManually acknowledge incident
i_unackUnacknowledge incident
i_stormTrigger alert storm notification
i_customTrigger custom action
i_rslvClose incident (automatically or manually)
i_reopenReopen incident
i_mergeManually merge incidents
i_r_titleUpdate incident title
i_r_descUpdate incident description
i_r_impactUpdate incident impact
i_r_rcUpdate incident root cause
i_r_rsltnUpdate incident resolution
i_r_severityUpdate incident severity
i_r_fieldUpdate incident custom fields

II. Push Description#

Request Method#

POST, Content-Type:"application/json"

Request Payload:#

FieldTypeRequiredDescription
event_timeint64YesEvent timestamp in milliseconds
event_typestringYesEvent type, see Event Types for enumerated values
event_idstringYesEvent ID, same event may be retried multiple times due to timeout, receivers need to deduplicate
personPersonNoOperator, exists only for manual actions
incidentIncidentYesIncident details
Person:
FieldTypeRequiredDescription
person_idint64YesPerson ID
person_namestringYesPerson name
emailstringYesEmail address
Responder:
FieldTypeRequiredDescription
person_idint64YesPerson ID
person_namestringYesPerson name
emailstringYesEmail address
assigned_atint64NoAssignment time
acknowledged_atint64NoAcknowledgment time
Incident:
FieldTypeRequiredDescription
incident_idstringYesIncident ID
titlestringYesIncident title
descriptionstringNoIncident description
impactstringNoIncident impact
root_causestringNoIncident root cause
resolutionstringNoIncident resolution
incident_severitystringYesSeverity level, enum: Critical, Warning, Info
incident_statusstringYesIncident status, enum: Critical, Warning, Info, Ok
progressstringYesProcessing status, enum: Triggered, Processing, Closed
created_atint64YesCreation time
updated_atint64YesUpdate time
start_timeint64YesTrigger time, Unix timestamp in seconds
last_timeint64NoLatest event time, latest push time of associated alerts, Unix timestamp in seconds, default 0
end_timeint64NoRecovery time, incident auto-recovers when all associated alerts recover, Unix timestamp in seconds, default 0
ack_timeint64NoFirst acknowledgment time, incidents can be acknowledged by multiple people, this is the earliest acknowledgment time. Unix timestamp in seconds, default 0
close_timeint64NoClose time, end_time represents incident recovery time, close_time represents processing status closure time. Incident recovery triggers closure, but closure doesn't affect recovery. Unix timestamp in seconds, default 0
snoozed_beforeint64NoSnooze end time
labelsmap[string]stringNoLabel key-value pairs, both Key and Value are strings. Not available for manually created incidents, for auto-created incidents contains labels from the first aggregated alert
fieldsmap[string]interface{}NoCustom field key-value pairs, Key is string, Value can be any type depending on field type
creatorPersonNoCreator information, exists only for manually created incidents
closerPersonNoCloser information, exists only for manually closed incidents
responders[]ResponderNoList of responder information
alert_cntint64NoNumber of associated alerts
channel_idint64NoChannel ID, 0 means not belonging to any channel
channel_namestringNoChannel name
detail_urlstringYesDetails URL
group_methodstringNoGrouping method, enum: n: no grouping, p: rule-based grouping, i: intelligent grouping

Response#

HTTP status code 200 indicates successful push.

Request Example#

III. FAQ#

1.
Is there a response timeout for the service?
Services must respond within 1 second, responses after 1 second are considered failed
2.
Will failed pushes continue to be pushed?
Currently, FlashDuty pushes only once, though retry mechanisms may be introduced in the future. Retries may also occur due to middleware timeouts, so implement idempotent processing
3.
How is push order guaranteed?
In theory, events for the same incident are pushed in chronological order, but retries may cause out-of-order delivery
Services can filter based on event_time; if a later event has been received, earlier events can be filtered out. Each push carries complete, up-to-date information, so occasional event loss is acceptable
4.
Trusted IP whitelist for push sources?
{ip_whitelist}
May be updated in the future, please check periodically
修改于 2024-11-18 03:24:06
上一页
Alert webhook
下一页
Costom action
Built with