StatusHub Integration
Splunk Observability Cloud & StatusHub: Automate Status Page Incidents from Monitoring Alerts
Splunk Observability Cloud gives your team full visibility into the health of your applications and services. StatusHub makes sure your users are kept informed the moment something goes wrong. Connect the two and turn Splunk alerts into automatic status page incidents published instantly, with no manual work in between.
About
Splunk Observability Cloud is a monitoring and observability platform designed for engineering and operations teams that need full-stack visibility into the performance of their applications, systems, and infrastructure.
StatusHub and Splunk Observability Cloud integration overview
StatusHub is an IT disruption communication tool that helps organisations publish real-time status updates and manage incident communication with their team and end users. Splunk Observability Cloud is a monitoring platform that detects service degradations and outages across your stack and alerts your.
Once you connect Splunk Observability Cloud to StatusHub via webhook, the two platforms work together automatically. When Splunk detects an issue, it sends a notification to StatusHub, which creates an incident on your status page immediately. Splunk's severity levels (Critical, Major, Minor, Warning, and Info) are mapped to StatusHub service statuses, so your status page always reflects the true impact of the issue. When the issue is resolved, StatusHub automatically closes the incident.
The integration also gives you control over how incidents are handled on the StatusHub side. You can choose to hold incoming alerts as drafts for your team to review before publishing, or suppress subscriber notifications for lower-priority events using the silent mode.
Technical overview of Splunk Observability Cloud integration with StatusHub
The integration utilizes the Webhook integration in Splunk.
For each service in StatusHub, a separate Webhook integration in Splunk should be created.
When creating the Webhook integration in Splunk, the default webhook payload can be used. StatusHub will read the fields it needs to create the incident and will ignore the rest of the payload.
Because Splunk has 5 severity levels and StatusHub uses 3 service statuses, StatusHub applies the following mapping:
Critical -> Down
Major -> Down
Minor -> Degraded-performance
Warning -> Degraded-performance
Info -> Up
Besides the variables provided by Splunk, StatusHub also supports StatusHub-specific values sent in an HTTP request:
draft to control whether incidents created from Splunk should be created as drafts,
silent to create silent incidents that do not trigger notifications to subscribers.
If you have any questions, please contact us.
Read the full setup guide here:
Integrate Splunk Observability Cloud with StatusHub
Get your first Splunk alert on your status page in minutes.