An incident is a problem, represented by an alert, that could negatively impact customers, your employees, and the stakeholders inside or outside of your organization. Your company uses Splunk ITSI to normalize, correlate, group related alerts, and generate incident notifications. Now, you want these critical notifications sent to Splunk On-Call to quickly get those actionable ITSI episodes to the right teams so they can resolve problems.
This article is part of the Splunk Use Case Explorer for Observability, which is designed to help you identify and implement prescriptive use cases that drive incremental business value. It explains the solution using a fictitious example company, called CSCorp, that hosts a cloud native application called Online Boutique. In the AIOps lifecycle described in the Use Case Explorer, this article is part of Notification.
Splunk ITSI can send actionable ITSI episodes into Splunk On-Call to achieve fast and efficient incident resolution with reduced downtime.
- Download, install and configure the Splunk On-Call (VictorOps) app.
- Set up your account.
- Set up the alert API key and enable the integration with Splunk ITSI.
- Set up the data API keys and activate the API.
- Send a test alert.
- Validate the integration.
Watch this video to see how you can configure the four parts of the integration.
Still having trouble? Splunk has many resources available to help get you back on track.
- Splunk OnDemand Services: Use these credit-based services for direct access to Splunk technical consultants with a variety of technical services from a pre-defined catalog. Most customers have OnDemand Services per their license support plan. Engage the ODS team at OnDemand-Inquires@splunk.
com if you require assistance.
- Splunk Answers: Ask your question to the Splunk Community, which has provided over 50,000 user solutions to date.
- Splunk Customer Support: Contact Splunk to discuss your environment and receive customer support.
- Splunk Observability Training Courses: Comprehensive Splunk training to fully unlock the power of Splunk Observability Cloud.