cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Looking to upgrade from Dynatrace Managed to SaaS? See how

Dynatrace payload issue with custom integration

shashank_b_agra
Organizer

Hi, I am working on a requirement where I have to integrate my Dynatrace Managed with Netcool which is another monitoring system to raise incident/tickets in remedy. The integration is all successful and we are able to send the payload to Netcool. But the problem is the payload itself.

 

What i have done is created a alerting profile (XYZ-profile) which uses a Management Zone (XYZ-mz). Now this management zone has a rule which says -

Services where Service type equals 'Web service' and that run on Hosts where Host name begins with 'myhost-'

 

I have 2 queries when we get multiple services problems in a single event -

  1. What the above rule doing is fetching the services deployed on myhost-* and also the parent services impacted by these services. For example this is a middleware host so the calling application could be any front end so in the payload, we are also getting those front end hosts and related services. We only want the services impacted on myhost-* and not others. Is there a way to achieve this?
  2. The other thing is Dynatrace does not provide the {hostname} in the payload so I had to extract it using tags because it is mandatory to provide hostname to Netcool in order to raise remedy tickets. Is there any other better way to see this?

 

The payload i am using - 

{
"State":"{State}",
"PID":"{PID}",
"ProblemID":"{ProblemID}",
"ProblemTitle":"{ProblemTitle}",
"MW_Host":"{Tags}",
"ImpactedEntity":"{ImpactedEntity}",
"ImpactedEntities":{ImpactedEntities},
"ProblemSeverity":"{ProblemSeverity}"
}

 

The Sample payload I am getting is -

{
"State":"OPEN",
"PID":"-XXXXXXXXXXX",
"ProblemID":"P-21042920",
"ProblemTitle":"Multiple service problems",
"MW_Host":"MW_Host:myhost-p11, MW_Host:myhost-p12, MW_Host:myhost-p13, OID:otherhost-p11, OID:otherhost-p12,
"ImpactedEntity":"Multiple service problems on 5 Services",
"ImpactedEntities":[{"type":"SERVICE","name":"myhost-service1","entity":"SERVICE-XXXXX"},{"type":"SERVICE","name":"myhost-servioc2","entity":"SERVICE-XXXXXX"},{"type":"SERVICE","name":"otherhost-service1","entity":"SERVICE-XXXXXX"},{"type":"SERVICE","name":"otherhost-service2","entity":"SERVICE-XXXX"],
"ProblemSeverity":"ERROR"
}

1 REPLY 1

ChadTurner
DynaMight Legend
DynaMight Legend

First thing I would do is make sure your Management zone only includes data at a service level and not including hosts and other data that you do not want to see. From there you need to ensure your alert profile is set to just that management zone that only gives you the limited services view. 

 

When it comes to host name being transmitted that can be an issue sometimes. I recommend either making a auto tag that captures the Host Name and applied it to the Services, Processes and so on. Then in your webhook payload send along all the tags that exists. this will also allow you to expand the number of tags being set for further alert parsing. 

 

The other option is to rename the services and/or processes to contain the host names in the service names. take a look at this example: https://www.dynatrace.com/news/blog/more-effective-ai-to-human-interactions-with-dynatrace-davis/ This method takes away the need for tags, but you can also use them together for even more clarity. 

-Chad

Featured Posts