Mobile alerting with tracking & escalation for CheckMK
Are you looking at moving from a 24/7 staffed NOC to working with on-call teams? Are you in need of reliably alerting your people after business hours and on public holiday? Are your on-call people receiving too many alerts at night? Do you need a “who’s on call” dashboard?
Derdack’s EnterpriseAlert adds reliable and mobile alerting to CheckMK. Derdack even goes beyond alerting by adding anywhere cross-team collaboration and app-enabled remedial of incidents to your CheckMK stack – all out-of-the-box.
About this page
This integration will provide the reader with information on how to integrate the Enterprise Alert® 2019 software with CheckMK. After consulting this article, the reader should have a clear understanding of how CheckMK forwards Events to Enterprise Alert , how to set up the CheckMK plugin in order to allow a connection between the two systems, and how to configure the connection itself in Enterprise Alert.
Enterprise Alert is a software package you need to install along with your CheckMK system. CheckMK connect to Enterprise Alert via REST API. A free trial version of the software is available. The accompanying mobile apps are available in the appstores at no charge.
Enterprise Alerts integration with CheckMK enables alert/incident status alerts. Active Directory-based user management. And more.
Uses Enterprise Alert standard REST API to retrieve incidents
Staff can acknowledge and take ownership for critical incidents that occur
Alerts are escalated in case of no response
On-call scheduling to alert the right people at the right time
Execute remediation actions from your smart device
And much more!
How to Integrate
In the following we describe the setup and configuration of the Enterprise Alert Package for Checkmk. You can find our official listing on the checkmk exchange
Create a new REST API event source in Enterprise Alert.
Upload the .mkp file in the checkmk portal under Extension Packages.
Create a Notification Rule and configure Enterprise Alert as Notification Method. You would need to set the REST API URL and your API Key. Also select one user in order to trigger the rule.
The alert notification is sent as an event to Enterprise Alert. and can be found under Incoming Events.
Based on this event you can start to build an alert policy.
Now you can test it by simulating an alert in checkmk. When checkmk detects an issue, the information is forwarded as an event to Enterprise Alert where your alert policy can then trigger the alert.
Extended 2-Way Integration
If you want to go beyond the integration as it has been described above. You will need an updated CheckMK system (version 2.0) and updated Enterprise Alert (version 9.0). Beside that you have just a couple of steps to go through. This includes activating the outbound webhook, getting a custom Main.JS file provided by us and replacing the default file. The detailed steps you can find below:
Navigate to System -> Event Sources -> and check the flag for “Enable outbound REST”
Open the downloaded Main.JS file and update the parameters for user, password and URL
Stop the Connector Host module from the Services.msc
Go to …Enterprise AlertConnectorHostOutboundWebhooks and replace the Main.JS file with the edited file
Start the Connector Host module from the Services.msc
This should be all that is necessary to get the status updates from Enterprise Alert9 to CheckMK2.0 going. From now on you will find the alert status updates for raised alerts in the comments of the affected system.
Value-add for CheckMK
Voice, text, push, IM & email
Automated alert notifications by voice, text, IM, push, email with real-time tracking and escalations. Noise filtering, de-duplication, flood protection, severity checks, responsibility mapping, alert auto-recovery support.
Intuitive drag & drop on-call, 24/ and follow-the-sun team scheduling including “who’s on call” dashboard, even on a mobile device. Automated routing of alerts to the right person on call, including automated escalations.
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.