Skip to main content
Skip table of contents

Opsgenie Actions

Actions for Opsgenie

  • Create Alert. Send an alert from Lucidum to Opsgenie. Opsgenie will deliver the alert according to its policies.

Use Cases

Below are the possible use cases for the Create Alert action:

  • You can create an alert from Lucidum to Opsgenie when you find zombie users (users who are using applications in your environment but are not managed in directory services). The alert can notify SecOps and IT personnel.

  • You can create an alert from Lucidum to Opsgenie when you find idle AWS instances that could be retired. The alert can notify IT and Finance.

Prerequisites

Before you can execute the actions for Opsgenie, you must create an API key with write access to Opsgenie. For details, see https://support.atlassian.com/opsgenie/docs/api-key-management/.

Workflows

Opsgenie Configuration

  • Configuration Name. Identifier for the Configuration. This name will appear in the Lucidum Action Center.

  • URL. The base URL for the Opsgenie API.

  • API Key. Opsgenie API key. For details, see https://support.atlassian.com/opsgenie/docs/api-key-management/.

  • Host. The hostname of the Lucidum instance. For example, demo.lucidum.cloud.

Create or Edit an Action

To create an action for Opsgenie:

  1. In the Create a New Action page, in the General step, enter:

    • Action Type. Select an action from the pulldown options.

    • Configuration Name. Select an action configuration from the pulldown options.

    • Action Name. Identifier for the action. This name will appear in the Lucidum Action Center.

    • Description. Description of the action.

  2. Click the Next (>) icon.

  3. In the Filters page, click Configure Filters.

  4. The Build a Query page appears.

    build_query1_updated.png

  5. In the Build a Query page, you define the query for the assets or users that the action will act upon.

  6. Click Next.

  7. In the Build a Current Query page, enter the fields, operators, and values for the query. For existing actions, the query is already loaded in this page.

    build_query2_updated.png
  8. For details on creating and editing queries in Lucidum, see the section on Building Queries.

    NOTE: To optimize performance, the default time range is Current. If you need to access historical data, contact Lucidum Custom Success for help on using historical data without affecting performance.

  9. Click the Apply (page and pencil) icon.

  10. Click the Next (>) icon.

  11. In the Schedule step, enter:

    • Schedule Type. Define the schedule for the action. Choices are:

      • Recurrence. Specify a frequency for the recurring schedule.

      • After Data Ingestion. The action is executed after data ingestion, which happens at least once every 24 hours and can also be triggered manually.

    • Do not trigger the action unless. Specify the number of results from Filters as a prerequisite for executing the action.

  12. Click the Next (>) icon.

  13. In the Details step, enter the following:

    • Output Fields. For the records selected with the Filters field, specify the columns to display. When creating or editing the query, you can select these fields in the Query Results page > Edit Column button.

    • Priority. Priority to assign to the Opsgenie alert.

    • Tags. Comma-separated list of tags to include in the Opsgenie alert.

    • Description. Description to include in the Opsgenie alert.

    • Responder ID. ID of the responder to be notified of the alert. Can be an individual or a group.

    • Responder Type. Specify the type of responder. Choices are team, user, escalation, or schedule.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.