Note: The feature is currently in beta


Here’s how you can enable Alert Management in your Freshservice account:

  1. Go to Admin -> Helpdesk Productivity -> Alert Management -> Integrations

  2. You can send alerts from the monitoring tools to Freshservice using API

  3. The API contract shown has an authentication key for your account

The following are the list of attributes that can be sent through the API contract

hostnameMandatory field100 charsYou can pass the value of the hostname (OR) node id (OR) application. Depending on how this entity is mapped in your CMDB. This attribute value is searched against your CMDB and if a match is found then freshservice adds that asset to the ticket created.
resourceMandatory field100 charsCheck for AKA service on the hostname. If you are sending alerts from a server, the resource could be disk space, CPU utilization etc. If it's an application that you are monitoring, then this could be page load time, count of 500 errors etc.
mo_name Not Mandatory100 charsThis is to track in a more granular level. If you are monitoring a quad-core CPU, then you might want to use this attribute to see 'core1', core2 etc. If it's a switch you can use this attribute to monitor specific interfaces
valueNot Mandatory64 charsYou can send the value of the metric here. If it's CPU utilization, send the % utilization. ex. '75%'
if it's page load time you are measuring, then you can send '450 ms' etc.
severityMandatory field
This is the severity of the alert. Freshservice normalizes all incoming severity to 1 of 4 freshservice alert severity - Critical, Error, Warning, OK.
ip_addressNot Mandatory64 charsThe IP address of the asset that you are monitoring
 messageNot Mandatory255 charsThis value will be used as the subject of the incident created from this alert.
descriptionNot Mandatory2048 chars

You can add a description to the ticket so it can help the agent resolve the ticket quickly. The text given will be added as the body of the ticket.

alert_group_keyNot Mandatory100 charsThis help in correlating different alerts into a single incident. For eg: You want all the alerts for the same host to be part of the same ticket. A1 - alert comes for hostname1 and CPU utilization and A2 - alert for hostname1 and disk space. By default, this will create two different incidents but if you wish to add these to alerts to the same incident you can choose to send the hostname as Alert group Key. Freshservice adds all the alert with the same Alert group key to the same incident.
occurred_atNot Mandatory

Time at which the alert was generated

Timestamp format: YYYY/mm/dd HH:MM:SSZ

tagsNot Mandatory50 chars

Add tags so it's easier to filter out the alert based on tags.

It's an array payload with a maximum of six elements 

eg: ["US_Region", "Texas", "Threshold_Alert"]

additional_infoNot Mandatory64 chars

It's a JSON payload with three key-value pairs. Keys are predefined as given below

{"custom_attribute1": "value1", "custom_attribute2": "value2", "custom_attribute3": "value3"}

Check out the documentation for some of the monitoring tools from the links listed below:

Note: If you're using a monitoring tool that's not listed in the above mentioned, you can send the payload using the webhook option.

Alert Rules:

  1. Now, go to Freshservice -> Admin -> Helpdesk productivity -> Alert management ->   Alert rules.
  2. Set up an alert rule in Freshservice to create incidents for specific alerts.
  3. You can also set up actions that need to be performed on the incident

4. All the alert rules that are created are listed in the Alert rules tab in Alert Management. You can enable/disable any alert rule on this page. 

Consolidated Alerts Page:

Once you enable Alert Management in Freshservice, you can view all the alerts in the Alert List page where you can filter / sort alerts and execute bulk actions. In the Alert list page, you can:

  1. Select the columns to be displayed, for example, you can view the related incident right from the list page. 

2. Apply filters based on created/updated on, severity, and hostname.

3. Bulk associate to an existing incident by searching for the incidents or create a new incident for the selected alerts.

4. When you drill down into a particular alert, you can view the Alert Logs

5. When the alerts are grouped into incidents, the details of the alerts and its logs, associated assets, child tickets, and tasks can be viewed in the incident details page.