Overview
The ilert provider facilitates interaction with ilert’s API, allowing for the management of incidents and events. This includes the ability to create, update, and resolve incidents, as well as send custom event notifications. This provider integrates Keep’s system with ilert’s robust alerting and incident management platform.
Authentication
This provider requires authentication.
- ilert_token: ILert API token (required: True, sensitive: True)
- ilert_host: ILert API host (required: False, sensitive: False)
Certain scopes may be required to perform specific actions or queries via the provider. Below is a summary of relevant scopes and their use cases:
- read_permission: Read permission (mandatory)
- write_permission: Write permission
In workflows
This provider can be used in workflows.
As “step” to query data, example:
steps:
- name: Query ilert
provider: ilert
config: "{{ provider.my_provider_name }}"
with:
incident_id: {value}
As “action” to make changes or update data, example:
actions:
- name: Query ilert
provider: ilert
config: "{{ provider.my_provider_name }}"
with:
_type: {value} # Type of notification ('incident' or 'event') - determines which endpoint is used
summary: {value} # A brief summary of the incident (required for new incidents)
status: {value} # Current status of the incident (INVESTIGATING, RESOLVED, MONITORING, IDENTIFIED)
message: {value} # Detailed message describing the incident (default: empty string)
affectedServices: {value} # JSON string of affected services and their statuses (default: "[]")
id: {value} # ID of incident to update (use "0" to create a new incident)
event_type: {value} # Type of event to post (ALERT, ACCEPT, RESOLVE)
details: {value} # Detailed information about the event
alert_key: {value} # Unique key for event deduplication
priority: {value} # Priority level of the event (HIGH, LOW)
images: {value} # List of image URLs to include with the event
links: {value} # List of related links to include with the event
custom_details: {value} # Custom key-value pairs for additional context
Check the following workflow example:
Connecting with the Provider
To integrate Keep with ilert, follow these steps:
- Log in to your ilert account.
- Navigate to “Alert Sources” under your account settings.
- Create a new alert source specifically for Keep.
- Note the
ALERT-SOURCE-API-KEY
provided for this alert source.
The endpoint to make requests for Keep integration will be:
(https://api.ilert.com/api/v1/events/keep/{ALERT-SOURCE-API-KEY})
Useful Links
Responses are generated using AI and may contain mistakes.