This feature is currently available for customers of Freshservice who signed-up post March 18, 2024.


Automate conditional actions on alerts using workflows to simplify the alert management process. You can customize workflows based on specific conditions or events, ensuring timely and appropriate actions. 


Create complex workflows with nested if-then-else rules in a single automator. Specify precisely when a workflow should run, either when an alert is created or updated. Choose to trigger workflows if the severity is updated to certain value or if the alert status changes. Assign incidents created from an alert directly to specific agents and/or agent groups based on predefined criteria. This ensures the efficient distribution of alerts, reducing response times and improving incident management. Perform multiple actions within a single workflow automator. For example, you can mark an alert as resolved, add a note to it, and update an incident field simultaneously. This simplifies and accelerates the execution of various tasks.

You can even send notifications to agents when an alert is created or updated. This keeps teams informed in real-time, fostering effective communication and collaboration among team members. Use web request nodes to perform actions on external systems using webhooks. Trigger commands in external systems like restarting servers, clearing cache memory, etc. Then based on the action's response, perform subsequent actions like escalating the alert to an incident.

Using workflows for alerts

Step 1

Head to Admin >> Workflows >> Alerts Module

Step 2

Click on New Workflow to open the slider. Enter the title and the description (optional). The module will already be pre-selected as Alerts, and the workflow type will also be pre-selected as Event Based Workflow. Select Create.

You will land on the Workflow Automator section. You will find the following nodes in an Alert Workflow Automator:

  1. EVENT: Use this to configure the trigger for workflows such as alert is created or alert is updated

  2. CONDITION: Use this node to check for conditions or criteria based on which you can perform actions

  3. ACTION: Use this node to perform actions based on the conditions such as creating an incident, assigning an incident to an agent or agent group, etc 

  4. JSON Parser: Use this node to parse the "Additional Info" section in alerts or a JSON response from the web request node. 

  5. TIMER NODE: Use this to add a time delay between workflow nodes, with a maximum delay of 1 hour and up to five timer nodes per workflow.

  6. WEB REQUEST NODE: Fire off a custom API request and interact with external tools to take action such as:

    1. Notifying agents using other channels

    2. Running preliminary remediation steps

    3. Add SOP for a certain kind of alert as a note

Step 3

Configure the nodes to automate actions on alerts as per your requirement. Please note that the order of the alert workflows affects their execution. 

Let's look at scenarios that you can automate using an alert workflow automator

Create a workflow to escalate critical alerts to incidents

Automate critical alert escalation to incidents & manage error alerts effectively. Streamline incident management with our step-by-step guide.