Alerting
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

ZenDesk incident

fman82
Explorer
‎09-28-2012 04:49 AM

Anyone create an App/script to integrate with ZenDesk (such as open an incident via API) which they wish to share?

Reply

skender27
Contributor
‎09-28-2015 07:29 AM

Hi,

This is not the answer, but maybe this could help!

I tried this way: to get the list of all ticket from my Zendesk instance in .json format
curl -u username@example.com:password https://my_instance.zendesk.com/api/v2/tickets.json

or a particular ticket (in this case no. 13)
curl -u username@example.com:password https://my_instance.zendesk.com/api/v2/tickets/13json

And the same way for users (clients):
curl -u username@example.com:password https://my_instance.zendesk.com/api/v2/users.json

For all other https methods I read cerefully:
https://developer.zendesk.com/rest_api/docs/core/introduction

Bye,
Skender

0 Karma
Reply

sbrant_splunk
Splunk Employee
Splunk Employee
‎09-28-2012 04:02 PM

Here is a script I wrote to open a Zendesk ticket. By naming the saved search with the proper fields, the fields get parsed out and make for a more meaningful ticket title. It isn't pretty but should get you started. It's written in Python 2.x:

import pycurl
import StringIO
import sys
import re

# ---- Splunk Output (input for this script)
scriptName = sys.argv[0]      # Script name
eventReturned = sys.argv[1]   # Number of events returned
searchTerms = sys.argv[2]     # Search terms
queryString = sys.argv[3]     # Fully qualified query string
searchName = sys.argv[4]      # Name of saved search
triggerReason = sys.argv[5]   # Trigger reason
searchURL = sys.argv[6]       # URL to the saved search
resultsFileRaw = sys.argv[8]  # File where the results for this search are stored (raw)

# ---- Parse Splunk search name to help populate zendesk ticket
zdFields = re.match('^Saved\sSearch\s\["(?P<company>.*?)"\s(?P<priority>\d)\s"(?P<description>.*?)"\]\snumber\sof\sevents.*?$', triggerReason)
zdCompany = zdFields.group('company')
zdPriority = zdFields.group('priority')
zdDesc = zdFields.group('description')

# ---- Global Variables for CURL calls
xmlRequest = '<ticket><subject>' + zdCompany + ': ' + zdDesc + '</subject><description>' + searchURL + '</description><priority-id>' + zdPriority + '</priority-id><ticket-type-id>2</ticket-type-id><requester_id>54</requester_id></ticket>'
ncServerMaxTime = 1
zdURL = "http://sb.zendesk.com/tickets.xml"  # URL to your zendesk page
USER = "<username>"
PASS = "<password>"


# ---- Main
c = pycurl.Curl()
c.setopt(pycurl.URL, zdURL)
c.setopt(pycurl.POST, 1)
c.setopt(pycurl.USERPWD, "%s:%s" % (USER,PASS))
c.setopt(pycurl.HTTPHEADER, ["Content-Type: application/xml"])
c.setopt(pycurl.TIMEOUT, ncServerMaxTime)
c.setopt(pycurl.CONNECTTIMEOUT, ncServerMaxTime)
c.setopt(pycurl.NOSIGNAL, 1)
c.setopt(pycurl.POSTFIELDS, xmlRequest)
b = StringIO.StringIO()
c.setopt(pycurl.WRITEFUNCTION, b.write)
c.perform()
Reply
Get Updates on the Splunk Community!

Announcing Scheduled Export GA for Dashboard Studio

We're excited to announce the general availability of Scheduled Export for Dashboard Studio. Starting in ...

Extending Observability Content to Splunk Cloud

Watch Now!   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to leverage ...

More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!

What if there was a way you could keep all the metrics data you need while saving on storage costs?This is now ...