Here’s how you can enable Alert Management in your Freshservice account:

  1. Go to Admin -> Helpdesk Productivity -> Alert Management -> Integrations.

  2. Here you can see two ways to receive alerts from the monitoring tools: 

    • Using Email address

    • Using API

  3. To use an email address, you can either use the default email address or your own email server.


AttributeMandatory?SizePurpose
hostnameMandatory field100 charsYou can pass the value of the hostname (OR) node id (OR) application. Depending on how this entity is mapped in your CMDB. This attribute value is searched against your CMDB and if a match is found then freshservice adds that asset to the ticket created.
resourceMandatory field100 charsCheck for AKA service on the hostname. If you are sending alerts from a server, the resource could be disk space, CPU utilization etc. If it's an application that you are monitoring, then this could be page load time, count of 500 errors etc.
mo_name Not Mandatory100 charsThis is to track in a more granular level. If you are monitoring a quad-core CPU, then you might want to use this attribute to see 'core1', core2 etc. If it's a switch you can use this attribute to monitor specific interfaces
valueNot Mandatory64 charsYou can send the value of the metric here. If it's CPU utilization, send the % utilization. ex. '75%'
if it's page load time you are measuring, then you can send '450 ms' etc.
severityMandatory field
This is the severity of the alert. Freshservice normalizes all incoming severity to 1 of 4 freshservice alert severity - Critical, Error, Warning, OK.
ip_addressNot Mandatory64 charsThe IP address of the asset that you are monitoring
 messageNot Mandatory255 charsThis value will be used as the subject of the incident created from this alert.
descriptionNot Mandatory2048 chars

You can add a description to the ticket so it can help the agent resolve the ticket quickly. The text given will be added as the body of the ticket.

alert_group_keyNot Mandatory100 charsThis help in correlating different alerts into a single incident. EX. You want all the alerts for the same host to be part of the same ticket. A1 - alert comes for hostname1 and CPU utilization and A2 - alert for hostname1 and disk space. By default, this will create two different incidents but if you wish to add these to alerts to the same incident you can choose to send the hostname as Alert group Key. Freshservice adds all the alert with the same Alert group key to the same incident.
occurred_atNot Mandatory

Time at which the alert was generated

Timestamp format: YYYY/mm/dd HH:MM:SSZ

tagsNot Mandatory50 chars

Add tags so it's easier to filter out the alert based on tags.

It's an array payload with a maximum of six elements 

eg: ["US_Region", "Texas", "Threshold_Alert"]

additional_infoNot Mandatory64 chars

It's a JSON payload with three key-value pairs. Keys are predefined as given below

{"custom_attribute1": "value1", "custom_attribute2": "value2", "custom_attribute3": "value3"}

     

  4. To use APIs: 

  1. Select the tool you would like to integrate (if your tool is not mentioned, please click ‘Other tools’).

  2. Copy the API contract and set up a new alert in the monitoring tool. Check out the exact procedure for the monitoring tool you use by exploring the links listed below: 

  3. Now, go to Freshservice -> Admin -> Helpdesk productivity -> Alert management ->   Alert rules.
  4. Set up an alert rule in Freshservice to create incidents and group alerts.
  5. Set up the incident creation rules, actions, and correlation rules. 
  6. All the alert rules that are created are listed in the Alert rules tab in Alert Management. You can enable/disable any alert rule on this page. 


Once you enable Alert Management in Freshservice, you can view all the alerts in the Alert List page where you can filter / sort alerts and execute bulk actions. In the Alert list page, you can:

  1. Select the columns to be displayed, for example, you can view the related incident right from the list page. 


2. Apply filters based on created/updated on, severity, and hostname.



3. Bulk associate to an existing incident by searching for the incidents or create a new incident for the selected alerts.


When you drill down into a particular alert, you can:

  • View the trend chart

  • Alert logs


When the alerts are grouped into incidents, the details of the alerts and its logs, associated assets, child tickets, and tasks can be viewed in the incident details page.  


The roles and scope can be defined from Admin -> Agent role -> Alerts. You can provide access to the agents to view or edit the alerts.