Close issue on recovery alert from generic alert endpoint
Problem to solve
Incidents resolve for one of two reasons:
- Someone fixed the problem
- The problem fixed itself
In both scenarios, the monitoring tool often emits a recovery alert. In situations where a recovery alert is emitted, we want this to automatically close an associated incident in GitLab for the following reasons:
- If a system fixes itself, this may be unknown to the user, so we want the recovery alert to close the issue to indicate to responders that the incident is resolved.
- If someone fixes a problem and this is quickly recognized by the monitoring tool, closing an incident on a recovery alert saves the responder time.
Additionally, having this automation in place means that all users have the guarantee that open incidents are still active because once the problem has been solved they can rely on their tools to automatically close incident issues.
This work contributes to the Incident Management Vision
We will need to store alert and incident data for this features. When the alert endpoint receives an alert of type=recovery, we will need to match that alert to an open issue on a unique identifier.
We will likely need to do this for each monitoring tool individually. Let's start with the most common tools. There is a UX Research Issue that details the most common tools used by operations engineer. Here is a summarized list:
- New Relic
- AWS CLoudwatch
Other's that we should look at:
Permissions and Security
What does success look like, and how can we measure that?
What is the type of buyer?
Links / references