Your LogicMonitor account comes pre-configured to integrate with your Slack account. The integration enables LogicMonitor to create Slack Channel Notifications based on LogicMonitor alerts.
You can use the LogicMonitor Slack integration to create Slack Channel Notifications in response to alerts triggered in your account. You'll need:
- to set up an incoming Webhook Integration from your Slack account
- to enable the Slack integration in your LogicMonitor account
- to create an alert rule and escalation chain to deliver alert data to Slack
- to add the escalation chain to an alert rule
When a triggered alert matches the alert rule and is routed to the escalation chain with the Slack integration, notifications will be posted to your Slack Channel. You then have the option of configuring additional notifications to be posted to the Slack Channel when the alert is acknowledged or clears.
1. Set up an Incoming Webhook Integration in your Slack account
For instructions on enabling and setting up an Incoming Webhook for your Slack account, see the Using Webhooks section of the Slack API guide. The end result will be a unique Webhook URL. This URL will be used to configure the Slack integration within your LogicMonitor account.
2. Enable the Slack Integration in your LogicMonitor Account
You can enable the Slack Integration in your account from Settings | Integrations. Select Add and then Slack:
Incoming Webhook URL
Generate Delivery Options
After you've entered your Slack webhook URL, click Generate Delivery Options to choose howLogicMonitor formats and sends the HTTP Post requests to create Slack Channel Notifications:
By default, LogicMonitor will pre-populate four different HTTP requests, one for each of:
- new alerts (Active)
- acknowledged alerts (Acknowledged)
- cleared alerts (Cleared)
- escalated alerts (Escalated)
Each of these requests will be a POST to the Slack channel. This means that by default, a notification will be posted when the alert is triggered, acknowledged, cleared and escalated. You can change this behavior by editing or deleting the requests.
For each request you can select which alert statuses should trigger the HTTP request. Requests will be sent for new alerts (status: Active), and can additionally be sent for alert acknowledgements (status: Acknowledged), clears (status: Cleared) and escalations/de-escalations (status: Escalated). Note that each alert status can only be associated with one request. Since LogicMonitor auto-populates a different request for each alert status by default, you'll have to delete a request in order to see the option to include that alert status in a different request.
The HTTP method for Slack integrations is restricted to POST.
The URL that the HTTP request should be made to. This field is auto-populated based on the Incoming Webhook URL provided above.
The custom formatted alert data to be send in the HTTP POST request. This field will be auto-populated for you. If desired, you can customize the alert data field using tokens.
Include an ID provided in HTTP response when updating alert status
This option indicates you'd like LogicMonitor to find an ID returned in the response to the HTTP request associated with a new alert, and use the ID in any subsequent requests for alert acknowledgements, clears and escalations/de-escalations. You shouldn't need to check this option, since there isn't a concept of 'updating' a notification posted to a Slack channel.
HTTP Response Format
If LogicMonitor is to use the ID provided in the response, select the format the response will be in.
Test Alert Delivery
This option will send a test alert, enabling you to confirm that you've configured the integration correctly.
The following tokens are available:
- LogicModule-specific alert message tokens, as listed in Tokens Available in LogicModule Alert Messages.
- ##ADMIN##. The user the alert was escalated to.
- ##MESSAGE##. The rendered text of the alert message. This token will also pass all relevant acked information (e.g. the user that acknowledged the alert, ack comments, etc.).
- ##ALERTTYPE##. The type of alert (i.e. alert, eventAlert, batchJobAlert, hostClusterAlert, websiteAlert, agentDownAlert, agentFailoverAlert, agentFailBackAlert, alertThrottledAlert).
- ##EXTERNALTICKETID##. The Slack ID.
3. Configuring Alert Rule and Escalation Chain
Alert rules and escalation chains are used to deliver alert data to your Slack integration. When configuring these, there a few guidelines to follow to ensure notifications are posted and updated as expected within Slack. These guidelines are discussed in Alert Integrations Overview.