Handling High-Severity Sentry Alerts

Link to the workflow.

This workflow handles critical alerts from Sentry based on the service they are associated with. Explanation:

Trigger: Activated by critical alerts from Sentry.
Actions:
- Send a Slack message to the payments team for alerts related to the payments service.
- Create a Jira ticket for alerts related to the ftp service if a ticket ID is not already present.

workflow:
  id: sentry-alerts
  description: handle alerts
  triggers:
    - type: alert
      cel: source.contains("sentry") && severity == "critical" && (service == "payments" || service == "ftp")
  actions:
    - name: send-slack-message-team-payments
      if: "'{{ alert.service }}' == 'payments'"
      provider:
        type: slack
        config: "{{ providers.team-payments-slack }}"
        with:
          message: |
            "A new alert from Sentry: Alert: {{ alert.name }} - {{ alert.description }}
            {{ alert }}"
    - name: create-jira-ticket-oncall-board
      if: "'{{ alert.service }}' == 'ftp' and not '{{ alert.ticket_id }}'"
      provider:
        type: jira
        config: "{{ providers.jira }}"
        with:
          board_name: "Oncall Board"
          custom_fields:
            customfield_10201: "Critical"
          issuetype: "Task"
          summary: "{{ alert.name }} - {{ alert.description }} (created by Keep)"
          description: |
            "This ticket was created by Keep.
            Please check the alert details below:
            {code:json} {{ alert }} {code}"
          enrich_alert:
            - key: ticket_type
              value: jira
            - key: ticket_id
              value: results.issue.key
            - key: ticket_url
              value: results.ticket_url

Creating ServiceNow Tickets for Alerts Update ServiceNow Tickets

Overview

AIOps

Alerts

Incidents

Workflow Automation

Alert Evaluation Engine

Providers

Deployment

Development

Keep CLI

Handling High-Severity Sentry Alerts