Sysdig alert created

trigger

This trigger fires when a Sysdig alert is created

sysdig-trigger-alert-created

This Sysdig integration triggers when an alert is created.

Data Emitted

The JSON Sysdig alert POST data is emitted directly by the trigger.

Usage

For a complete usage guide, see the Using triggers in workflows documentation.

parameters:
  eventURL:
    description: The sysdig event URL
  state:
    description: The sysdig event state

triggers:
- name: sysdig-trigger-alert-created
  image: relaysh/sysdig-trigger-alert-created
  binding:
    parameters:
      eventURL: !Data event.url
      state: !Data state
      
steps:
- name: slack-notify
  image: relaysh/slack-step-message-send
  spec:
    connection: !Connection { type: slack, name: my-slack }
    channel: !Parameter slackChannel
    message: !Fn.concat
    - "Got an alert: "
    - !Parameter eventURL
    - " that is "
    - !Parameter state

Example Raw Data

{
 "timestamp": 1471457820000000,
 "timespan": 60000000,
 "alert": {
   "severity": 4,
   "editUrl": "http://app.sysdigcloud.com/#/alerting/alerts/1/edit",
   "scope": "host.mac = \"00:0c:29:04:07:c1\"",
   "name": "alertName",
   "description": "alertDescription",
   "id": 1
 },
 "event": {
   "id": 1,
   "url": "http://app.sysdigcloud.com/#/alerting/notifications/l:604800/1/details"
 },
 "state": "ACTIVE",
 "resolved": false,
 "entities": [{
   "entity": "host.mac = '00:0c:29:04:07:c1'",
   "metricValues": [{
     "metric": "cpu.used.percent",
     "aggregation": "timeAvg",
     "groupAggregation": "none",
     "value": 100.0
   }],
   "additionalInfo": [{
     "metric": "host.hostName",
     "value": "sergio-virtual-machine"
   }]
 }],
 "condition": "timeAvg(cpu.used.percent) > 10"
}

Source

Sysdig alert created

sysdig-trigger-alert-created

Data Emitted

Usage

Example Raw Data

Example trigger configuration

Join our community

Ready to get started?

Documentation

Blog

Privacy policy

Terms of Use

Pricing

Privacy policy

Terms of Use