- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-02-2021 05:56 AM
Hello,
I am testing Datadog event integration with ServiceNow. I am able to get a Datadog event to create a ServiceNow event and then an alert, but I can't get it to turn into an Incident no matter what I do.
In the Alert Management Rule, I created a rule to match with Alert generated from Datadog, the rule as follow:
1. has highest priority (lowest order) compared to all other
2. only have one matching condition, which is source = Datadog
3. In the preview, it shows there are records that matches the rule
4. When I create incident manually from the same Datadog alerts, it works fine.
Please see screenshots and let me know what I am missing?
Thank you,!
Solved! Go to Solution.
- Labels:
-
Event Management
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-02-2021 10:36 AM
I have found the solution. It was severity value supplied by Datadog not matching up with what ServiceNow was expecting. The solution was to correct map the severity using the Event Field Mapping. Thank you all for responding!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-03-2021 05:34 AM
Gotcha, thank you Ian. Especially regarding the OOB subflows. I will look at that next. I just assumed that the subflow is not the issue as it can executed manually to create an incident.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-29-2021 02:32 PM
In case anyone else stumbles across this forum with the same issue like I did, here's what fixed it for me.
Alert filters are case sensitive.
The condition filter must match the casing of the string, otherwise it will fail to execute. Changing the condition filter to match case with the string will allow it to process as expected. Mismatched cases will show results when you use the preview button, but they will fail to execute.
Hope this helps someone else!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-09-2023 12:27 PM
Hi @DHeath , I am facing the same issue, But in my case the alert execution is happening once in 3 tries, Incident is not creating in the first shot. Again I will close the incident and next then I will create a new one using REST API and then create event > Alert, Some times executions were coming and some times not. Can ypu please help me with a solution. Below following is the query which i posted in the community for the mentioned issue.
https://www.servicenow.com/community/developer-forum/alert-execution-is-not-triggering/m-p/2637903
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-02-2021 10:36 AM
I have found the solution. It was severity value supplied by Datadog not matching up with what ServiceNow was expecting. The solution was to correct map the severity using the Event Field Mapping. Thank you all for responding!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-25-2023 02:59 PM
hi @Minh2 can you please provide me the sample of the event field mapping that you had? i am experiencing the same issue and i am not sure what will be the Source field from Datadog.
