Overview
Get alerts from SolarWinds Orion to aggregate and triage your alerts in a centralized location.
This integration works by subscribing Datadog to all of your SolarWinds alert notifications.
Setup
Create trigger actions
To create a new trigger action in SolarWinds:
Navigate to Alerts > Manage Alerts
Select any alert and click “Edit Alert”, or create a new alert if you do not have any
Navigate to Trigger Actions > Add Action
Select “Send a GET or POST Request to a Web Server”
Click “Configure Action”
Fill in the Action Pane with the following details:
a. Name of Action: Send Alert to Datadog (or whatever you prefer)
b. URL: https://app.datadoghq.com/intake/webhook/solarwinds?api_key=<DATADOG_API_KEY>
c. Select: Use HTTP/S POST
d. Body to Post: Copy and paste from alert template below
e. Time of Day: Leave as is
f. Execution Settings: Leave as is
Click “Add Action”
Click the “Reset Actions” step and then repeat steps 4 - 7, using the Reset Action template instead of the Trigger Action template
Click “Next“
Click “Submit“ on the Summary page
Assign actions to alerts
- From the Alert Manager view select all the alerts you wish to send to Datadog, then navigate to Assign Action > Assign Trigger Action
- Select the Send Alert to Datadog - Trigger action and click Assign
- Repeat for Assign Action > Assign Reset Action using the Send Alert to Datadog - Reset action
Trigger action body to post
{
"acknowledged": "${N=Alerting;M=Acknowledged}",
"acknowledged_by": "${N=Alerting;M=AcknowledgedBy}",
"alert_description": "${N=Alerting;M=AlertDescription}",
"alert_details_url": "${N=Alerting;M=AlertDetailsUrl}",
"alert_id": "${N=Alerting;M=AlertDefID}",
"alert_message": "${N=Alerting;M=AlertMessage}",
"alert_name": "${N=Alerting;M=AlertName}",
"alert_severity": "${N=Alerting;M=Severity}",
"application": "${N=Generic;M=Application}",
"device_type": "${N=SwisEntity;M=Router.Nodes.CustomProperties.Device_Type}",
"host": "${N=SWQL;M=SELECT TOP 1 RelatedNodeCaption FROM Orion.AlertObjects WHERE AlertObjectID = ${N=Alerting;M=AlertObjectID} }",
"host_url": "${N=SWQL;M=SELECT TOP 1 RelatedNodeDetailsUrl FROM Orion.AlertObjects WHERE AlertObjectID = ${N=Alerting;M=AlertObjectID} }",
"ip": "${N=SwisEntity;M=IP_Address}",
"location": "${N=SwisEntity;M=Router.Nodes.CustomProperties.City}",
"object": "${N=SWQL;M=SELECT TOP 1 EntityCaption FROM Orion.AlertObjects WHERE AlertObjectID = ${N=Alerting;M=AlertObjectID} }",
"object_type": "${N=Alerting;M=ObjectType}",
"timestamp": "${N=SWQL;M=SELECT GETUTCDATE() as a1 FROM Orion.Engines}"
}
Reset action body to post
{
"acknowledged": "${N=Alerting;M=Acknowledged}",
"acknowledged_by": "${N=Alerting;M=AcknowledgedBy}",
"alert_description": "${N=Alerting;M=AlertDescription}",
"alert_details_url": "${N=Alerting;M=AlertDetailsUrl}",
"alert_id": "${N=Alerting;M=AlertDefID}",
"alert_message": "${N=Alerting;M=AlertMessage}",
"alert_name": "${N=Alerting;M=AlertName}",
"alert_severity": "${N=Alerting;M=Severity}",
"application": "${N=Generic;M=Application}",
"device_type": "${N=SwisEntity;M=Router.Nodes.CustomProperties.Device_Type}",
"host": "${N=SWQL;M=SELECT TOP 1 RelatedNodeCaption FROM Orion.AlertObjects WHERE AlertObjectID = ${N=Alerting;M=AlertObjectID} }",
"host_url": "${N=SWQL;M=SELECT TOP 1 RelatedNodeDetailsUrl FROM Orion.AlertObjects WHERE AlertObjectID = ${N=Alerting;M=AlertObjectID} }",
"ip": "${N=SwisEntity;M=IP_Address}",
"location": "${N=SwisEntity;M=Router.Nodes.CustomProperties.City}",
"object": "${N=SWQL;M=SELECT TOP 1 EntityCaption FROM Orion.AlertObjects WHERE AlertObjectID = ${N=Alerting;M=AlertObjectID} }",
"object_type": "${N=Alerting;M=ObjectType}",
"timestamp": "${N=SWQL;M=SELECT GETUTCDATE() as a1 FROM Orion.Engines}",
"reset": "true"
}
Data Collected
Metrics
The SolarWinds integration does not include any metrics.
Events
The SolarWinds integration collects SolarWinds alerts in the event stream.
Service Checks
The SolarWinds integration does not include any service checks.
Troubleshooting
Need help? Contact Datadog support
