Summary


This functionality makes alert payload fields accessible to IT Agents so that they may perform reporting, orchestrations, automation, etc. for incidents that are created using an alert.


Example: Assign alert payload values as incident custom fields

  1. Create a custom field called "Company" to capture the company name from the alert payload.
  2. Create an alert rule to create an incident out of an alert.
  3. Create a ticket workflow automator with the following configurations:
    1. Event Node 
    2. Condition Node 
    3. Use json parser node to parse the additional info field. Learn how.
    4. For this first set the source as the Primary Alert 
    5. Paste the same additional info block in the payload section 
    6. Click on generate output. Provide an appropriate label to the output.
    7. You can now access the additional info fields in the subsequent nodes. Add an action block to set the custom field 'Company' equal to the appropriate additional info payload value.
    8. Select 'Set Company name as'
    9. Click on "P2 Additional info" to access the output generated by the JSON parser node and select the appropriate value