Playbook Automation

Leveraging workflows to automate playbook executions

Workflows are a way to automate investigation of your systems using Playbooks.

A workflow consists of 4 components:

Triggers:

Triggers are the entry points that initiate an investigation. Currently, two types of triggers are enabled:

  • Alert message in Slack: Using the Slack App integration, any bot message within a channel can be used as a trigger.
  • API call: You can configure an API call from any tool or within your code to trigger an investigation workflow.



Diagnosis:

An activity or investigation that is carried out as an after-effect of a trigger. Within a diagnosis, you can currently set up one playbook to run.

Scheduler:

This determines how frequently the diagnosis/actions should run after a trigger. Configurations currently supported:

  • One-time run: This configuration is suitable if you want to run the playbook investigation once after an alert is triggered.
  • Run as per a cron schedule: This configuration is favourable when you need to run the playbook continuously as per a schedule.
  • Run for a fixed duration: In this configuration, you can schedule the investigation to happen every x seconds until an "end time".


Actions:

Actions are post-facto steps that need to be taken after an investigation has been completed. Currently supported actions include:

  • Sending the investigation summary as a reply to an alert message in a Slack channel.
  • Sending the investigation summary in a Slack channel.