Auvik

Overview

This document provides a detailed guide to integrating Auvik with Callgoose SQIBS for real-time Incident Management, Incident Auto Remediation, Event-Driven Automation, and other automation purposes. The integration enables automatic creation, updating, and resolution of incidents in Callgoose SQIBS based on alerts triggered in Auvik. The guide includes steps for setting up Auvik alerts, configuring webhook notifications, creating API filters in Callgoose SQIBS, and troubleshooting.

Prerequisites

• Auvik Account: Access to Auvik for creating alerts and managing notifications.
• Callgoose SQIBS Account: With valid privileges to set up API filters and receive notifications.
• Webhook/API Endpoint: Available in Callgoose SQIBS to receive alerts from Auvik.

1. Obtain API Token and Endpoint Details

To integrate with Callgoose SQIBS, you first need to obtain an API token and find the API endpoint details.

• Generate an API Token:
• Follow the guide on How to Create API Token in Callgoose SQIBS.
• Find the API Endpoint:
• Refer to the Callgoose SQIBS API Endpoint Documentation to get the endpoint details where the JSON payloads from Auvik will be sent.

2. Debugging and Troubleshooting

You can enable debugging in the API tokens used with Auvik notifications for troubleshooting purposes.

• Enable Debugging:
• You can update the debug value when adding or updating an API token.
• When API tracking is enabled, logs are stored in the API log section for your review. The debugging option will automatically disable after 48 hours.
• When API tracking is turned off, no logs are saved in the API log.
• Using API Log for Troubleshooting:
• The API log provides detailed information on all API calls made to Callgoose SQIBS.
• You can check the JSON values in each API log entry for troubleshooting purposes.
• Use the information in the API log to create or refine API filters to ensure incidents are created correctly based on the API payloads received.
• Callgoose SQIBS creates incidents according to your API filter configuration, giving you full control over how alerts from different services trigger incidents and alerts for your support team or automation processes.

3. Configuring Auvik to Send JSON Payloads

To configure Auvik to generate the appropriate JSON payloads for Callgoose SQIBS, follow the steps below. These will guide you through setting up the necessary alerts and webhook notifications within Auvik to ensure that the JSON payloads match the expected format.

3.1 Setting Up Alerts in Auvik

• Log in to Auvik:
• Access the Auvik platform using your account credentials. Refer to the Getting Started guide for more details on how to log in.
• Download and Install Auvik Collector in order to collect data from your network. Follow the steps on Auvik Getting Started.
• Navigate to Integrations:
• Once logged in and setting up collector, go to the Integrations section in the main dashboard.
• Add a New Integration:
• Click on Add Integration. From the list, choose the Webhook option.
• Configure Webhook URL:
• Provide a name for your integration, and in the Webhook URL field, enter the Callgoose SQIBS API endpoint URL. Refer to the API Endpoint Documentation to finalize the URL format.
• Test Webhook Connection:
• Click on Test Connection to verify that Auvik is correctly sending the payload to Callgoose SQIBS and that it's being received as expected.
• Save the Webhook:
• Once the connection is verified, click Save to complete the webhook setup.

3.2 Setting Up Notification Channels for Alerts

• Manage Alerts:
• Navigate to the Manage Alerts section in Auvik.
• Configure Notification Channels:
• Click on Notification Channels and then select Add Notification Channel. Provide a name for this channel.
• Select Contact Method:
• In the Contact Method field, choose Webhook as the option. Save the configuration.

3.3 Create New Alerts

• Add a New Alert:
• Go to the New Alerts section under Manage Alerts and click on Add Alert.
• Define Alert Details:
• Fill in the necessary alert details, including the name and description of the alert.
• Set Alert Severity and Rules:
• Select the alert severity and define the alert rule that will trigger the notification.
• Assign Notification Channel:
• In the Notification field, select the notification channel that was created earlier using the webhook method.
• Save Alert Configuration:
• Complete the remaining details as needed and click Save to finalize the new alert.

3.4 Finalizing and Testing

• Validate the Integration:
• Trigger the condition manually if possible to verify that the correct JSON payload is sent to Callgoose SQIBS.
• Resolve the alert to ensure the resolved state payload is also correctly sent and processed.

4. Configuring Callgoose SQIBS

4.1 Create API Filters in Callgoose SQIBS

To correctly map incidents from the Auvik alerts, you need to create API filters based on the JSON payloads received.

4.1.1 Example JSON Payloads from Auvik

Alert Triggerd(alertStatusString:"Triggered")

json

{
"entityId": null,
"subject": "You have a new alert!",
"alertStatusString": "Triggered",
"alertId": "MTE1OTc0Nzc4Mzc5NDg5NzY2MSwxMTU5NzQ3Nzc4MzUyNzg3ODA4",
"alertName": "Test Alert",
"entityName": "Auvik System",
"companyName": "Zeno Headquarters",
"entityType": null,
"date": "2024-10-11T10:53:24.033Z",
"link": "https://zeno.us6.my.auvik.com/alert/****/summary",
"alertStatus": 0,
"correlationId": "MTE1OTc0Nzc4Mzc5NDg5NzY2MSwxMTU5NzQ3Nzc4MzUyNzg3ODA4",
"alertDescription": "Hidden alert to trigger a notification.",
"alertSeverityString": "Info",
"alertSeverity": 4,
"companyId": "****"
}

Alert Resolved(alertStatusString:"Cleared")

json

{
"entityId": null,
"subject": "You have a new alert!",
"alertStatusString": "Cleared",
"alertId": "MTE1OTc0Nzc4Mzc5NDg5NzY2MSwxMTU5NzQ3Nzc4MzUyNzg3ODA4",
"alertName": "Test Alert",
"entityName": "Auvik System",
"companyName": "Zeno Headquarters",
"entityType": null,
"date": "2024-10-11T10:54:47.687Z",
"link": "https://zeno.us6.my.auvik.com/alert/****/summary",
"alertStatus": 0,
"correlationId": "MTE1OTc0Nzc4Mzc5NDg5NzY2MSwxMTU5NzQ3Nzc4MzUyNzg3ODA4",
"alertDescription": "Hidden alert to trigger a notification.",
"alertSeverityString": "Info",
"alertSeverity": 4,
"companyId": "****"
}

4.2 Configuring API Filters

4.2.1 Integration Templates

If you see a Auvik integration template in the "Select Integration Template" dropdown in the API filter settings, you can use it to automatically add the necessary Trigger and Resolve filters along with other values. The values added by the template can be modified to customize the integration according to your requirements.

4.2.2 Manually Add/Edit the Filter

• Trigger Filter (For Creating Incidents):
• Payload JSON Key: "alertStatusString"
• Key Value Contains: [Triggered]
• Map Incident With: "entityId"
• This corresponds to the unique entityId from the Auvik payload.
• Incident Title From: "subject"
• This will use the issue type as the incident title in Callgoose SQIBS.
• The title of the incident can also be managed using the Callgoose sqibs API endpoint. Refer to the API Endpoint Documentation for more details.
• Incident Description From: Leave this empty unless you want to use a specific key-value from the JSON payload. If a key is entered, only the value for that key will be used as the Incident Description instead of the full JSON. By default, the Incident Description will include the full JSON values.
• Example: If you use the "alertDescription" key in the Incident Description From field, the issue alertDescription will be the value. In the example JSON payload provided earlier, this would result in a description like "Hidden alert to trigger a notification.".
• Resolve Filter (For Resolving Incidents):
• Payload JSON Key: "alertStatusString"
• Key Value Contains: [Cleared]
• Incident Mapped With: "entityId"
• This ensures the incident tied to the specific entityId is resolved when the alert status returns to normal.

Refer to the API Filter Instructions and FAQ for more details.

4.3 Finalizing Setup

• Save the API Filters:
• Ensure that the filters are correctly configured and saved in Callgoose SQIBS.
• Double-check that all key mappings, incident titles, and descriptions are correctly aligned with the payload structure sent by Auvik.

5. Testing and Validation

5.1 Triggering Alerts

• Simulate a Monitoring Alert:
• Trigger a condition in Auvik that causes an alert (e.g., Firewall Online).
• Verify that an incident is created in Callgoose SQIBS with the correct information, including the title, description, and urgency level.

5.2 Resolving Alerts

• Acknowledge and Resolve the Alert:
• Once the issue is resolved in Auvik (e.g., Firewall Offline), verify that the incident in Callgoose SQIBS is automatically marked as resolved.

6. Security Considerations

• API Security: Ensure that the Callgoose SQIBS API endpoint is correctly configured and that the API token is securely stored and used.
• Auvik Permissions: Confirm that the webhook in Auvik has appropriate permissions to send alerts and data to Callgoose SQIBS.

7. Troubleshooting

• No Incident Created: If no incident is created, verify that the webhook URL in Auvik is correct and that the JSON payload structure matches the API filters configured in Callgoose SQIBS.
• Incident Not Resolved: Ensure that the resolve filter in Callgoose SQIBS is correctly configured and that the JSON payload sent by Auvik matches the expected structure.

8. Conclusion

This guide provides a comprehensive overview of how to integrate Auvik with Callgoose SQIBS for effective incident management. By following the steps outlined, you can ensure that alerts from Auvik are automatically reflected as incidents in Callgoose SQIBS, with proper resolution tracking when the issues are resolved.

For further customization or advanced use cases, refer to the official documentation for both Auvik and Callgoose SQIBS:

• Auvik Documentation
• Callgoose SQIBS API Token Documentation
• Callgoose SQIBS API Endpoint Documentation
• API Filter Instructions and FAQ
• How to Send API

This documentation will guide you through the integration process, ensuring that your incidents are managed effectively within Callgoose SQIBS based on real-time alerts from Auvik.