• Products
  • Get started
  • Documentation
  • Resources

Automatically create an incident with incident rules

Incident rule features are only available on Enterprise and Standard plan.

Create incidents automatically via Incident Rules via the main page of a Team under Incident rules.

Incidents are created automatically when Incident Rules are matched. Opsgenie's Integrations Rules automatically process incoming data, create a new Alert, and forward the Alert data to the Incident Management Rule engine. If the Alert data matches specified conditions (Incident Rules), Opsgenie creates an Incident and associates the raw alert with the Incident (in a parent-child relationship).

Auto-matched Alert Behavior

After an incident is opened, alerts matching the Incident Rules become Associated Alerts under the incident automatically, and no notification is sent. This aims to reduce alert fatigue.

After an incident is resolved, alerts matching the Incident Rules become Associated alerts under the incident automatically, incident state will be changed from resolved to reopened.

Therefore, it is important to close your incidents in a timely manner, because notifications are not sent for alerts matching an open incident.

If the incident in question is closed, and a matching alert is processed, a new incident is opened and notifications are sent.

The automatically created incidents notifies the Responders and the Stakeholders of the selected impacted services, according to communication channels specified by users or by any Notification Template.

To automate incident creation go to your team dashboard and add a new incident rule for your services.

Incident rules let you customize how your incidents are created. If the alert data matches the defined conditions, this creates an Incident based on the defined fields. Like many Opsgenie engines, the Incident Rules operate on If/Then statements and matching conditions.

Designate the conditions for which to match alerts to create an incident. The incident automatically created from the alert includes the fields (message, description, tags, etc.) as configured under the Incident Rules.

Last modified on Jun 4, 2021
Cached at 2:11 AM on Nov 27, 2021 |

Additional Help