Alert Manager
Overview
Details
- Awareness of your current operational situation with the incident posture dashboard
- Analyze root cause of incidents with only a few clicks
- Review and adjust the urgency of incidents to improve operations scheduling
- Dispatch incidents to the person in charge
- Track and report incident workflow KPIs
- Tag and categorize incidents
Please find the full documentation at http://docs.alertmanager.info/
For Support, please reach out support@alertmanager.info or open a ticket at GitHub (https://github.com/simcen/alert_manager/issues/new)
Release Notes
Version 2.2.2
*Important:* There were significant changes in this release. Please refer to the Upgrade instructions: http://docs.alertmanager.info/en/latest/update_manual/
New Features
* External Workflow Actions
* Support for external event ids
* Alert Status Customization
* Quick Assign
* Ability to index alert results instead of writing to KV Store
* Auto resolve informational events
Enhancements
* Search Head Cluster support
* Removed custom alert index / indexes.conf. Default to main index with ability to customize
* Changed permission style from capabilities to roles to comply with certification requirements
* Internal: New Splunkd-style REST endpoints because of deprecated Splunk Web endpoints
* Improved Alert History
* Reduced Alert Metadata footprint
* Added alert_manager_user role with read-only permissions to knowledge objects
* display_fields in Incident Settings is now optional
* Added a check to the incident edit modal to wait for the owner and status dropdown to be ready before save button gets active
Version 2.1.4
Re-enabled migration scripts to seed default E-mail Templates and Notification Scheme.
Version 2.1.3
* Support for non-admin users to modify incidents from Incident Posture dashboard
* Added capability 'am_is_owner' which is required to be an owner of incidents
* Added new alert_manager_admin, alert_manager_supervisor and alert_manager_user role as preparation for upcoming features
* Added support for 'AND' or 'OR' combinations in Suppression Rules
* Added new dynamic owner selection in Custom Alert Action dialog
* Added auto subsequent resolve option to resolve new incidents from the same title
* Added loading indicator to incident posture dashboard when expanding incident to show details
* Improved incident edit dialog to provide better owner search and selection
* Fixed IncidentContext to support https scheme and custom splunk web port
* Enhanced timestamp display in incident history
* Improved table coloring (Splunk 6.5 Feature)
* Lot’s of bugfixes, code cleanups, enhancements and sanitizations. See changelog for details
Version 2.0.5
App certification release only - no functional changes included!
Version 2.0.4
App certification release only - no functional changes included!
Version 2.0.3
- Fixed wrong file permissions
- Fixed wrong default notification scheme seed format
- Added missing appIcon
- Fixed a bug where e-mail notifications we not sent correctly
- Fixed a bug where e-mails haven't been displayed correctly on iOS devices
- Fixed results_link and view_link in notification context
Version 2.0.2
- Fixed a bug to reenable inline drilldown on Incident Posture again (Splunk 6.4 compatibility)
- Merged a pull request to properly support SMTP authentication
- Fixed a bug where an urgency field in results lead into an error
- Fixed wrong modular alert description
- Removed legacy scripted alert action
- Merged pull request for better quotation in incident posture
- Improved alert filter populating search
- Fixed a bug where not all built-in users are shown in the incident edit modal
- Fixed incident posture to refresh single values automatically
Version 2.0.1
- Fixed localization support
- Changed alert column in incident settings to read-only
- Fixed a bug where token syntax in notifications didn't work
- Fixed notifications to support multi-valued fields or comma-separated list of recipients
Version 2.0
This release is only supported under v6.3 or later!
- Changed from scripted alert action to Custom Alert Action framework
- Added a customizable incident title
- Added support for extended notification schemes
- Added support for incident suppression (False positives, maintenance windows...)
- Added migration script to ingest default data (email templates and notification schemes) as well as migrating old incident settings to Custom Alert Action parameters
- Added new Splunk v6.3 style single values
- Added support to dynamically select a template by referencing a token in the notification scheme
- Added support for multiple dynamic recipients by using multi-valued fields and a token in the notification scheme
- Added a search command 'modifyincidents' to update an incident trough a search
- Added a general default email template
- Changed token reference in e-mail templates to $result.fieldname$ syntax
- Bugfixes and performance improvements
Version 1.1
- Fixed support for per-result alert actions
- Added support for search results in e-mail templates
- Enhanced incident details with description form saved search and selectable list of fields
- Bugfixes