Multiple Opsgenie integrations in same Splunk

rensvanleeuwen · ‎02-11-2020

Hello,

we'd like to have multiple Opsgenie integrations in the same Splunk instance. The current integration only allows for a single installation and you can therefore only set a single API key. It also comes with a predefined name for the integration.

The use case that we have, is that we need to send alerts to different organisations in Opsgenie. We'd like an ability to differentiate, so when a user creates an alert, he/she can select from different Opsgenie integrations that then end up in one or more Opsgenie accounts.

Thanks,

Rens,Hello,

currently the Splunk/Opsgenie integration app can only be installed once. It therefore also only allows a single API key to be provided, and it comes with a predefined name.

We are looking for ways to have multiple Opsgenie integrations, that each can have a different API key and a different name. This would make it easier for people that create alerts to select a preconfigured Opsgenie integration that ends up on a different account.

Is the code for the Opsgenie integration open source? In other words: can we open a PR that would include this functionality?

Thanks,

Rens van Leeuwen

burwell · ‎07-14-2021

@rensvanleeuwen Hello. Did you ever find a solution for this problem?

rensvanleeuwen · ‎09-17-2021

Hello @burwell ,

I forgot about this message as it was sent during my holidays. Sorry for the delay.

We worked around this problem by doing the routing on the side of OpsGenie instead. It has been a while and I do not have access to the systems anymore, but I believe we used an OpsGenie → OpsGenie forwarder based on the contents of the payload.

Rens

Multiple Opsgenie integrations in same Splunk

Build Scalable Security While Moving to Cloud - Guide From Clayton Homes

Mission Control | Explore the latest release of Splunk Mission Control (2.3)

Cloud Platform | Migrating your Splunk Cloud deployment to Python 3.7