Find the list of all built-in inbound integrations at the bottom of this page.
Integrations are dynamic and flexible. The integration process is simple and involves two steps:
  1. Set up integration
  2. Receiving a payload
  3. Mapping payload attributes to incidents

How Integrations Work

To create a new integration, simply navigate to the Integrations tab and click on the `Create New Integration button. From there, give your integration a name, such as “AWS Amazon CloudWatch” if you’re connecting to this tool. You’ll also need to choose which team the integration should belong to, as this can’t be changed later. Finally, select the type of integration, such as “AWS Amazon CloudWatch”. Keep in mind that the integration type can’t be changed later.

Configuring Integrations

Configuring integrations is a two-step process:
  1. Receiving a payload
  2. Mapping payload attributes to incidents
Step 2 is identical for each integration type, while step 1 (receiving the payload) differs for each integration type. We’ll walk you through these steps by the example of a Webhook Integration.

Receiving Payloads

Try to avoid personal data and security relevant information like credentials in the payloads sent to All Quiet. For U.S. companies: We are not HIPAA certified, so don’t share individually identifiable health information protected by the HIPAA act. Make sure to exclude this kind of data from payloads sent to us.
  1. After creating a new integration, we find ourselved on the Edit tab of the integration details page. Here, you can make some important high-level adjustments.
  2. Is your integration unreliable, sometimes triggering incidents that auto-resolve just minutes later? Or would you prefer to suppress incidents during specific times and have them surface later? Reduce noise and minimize stress for your on-call colleagues. Team Administrators can enable Snooze Settings for the integration.
    • When activated, newly created incidents are automatically snoozed. They will only alert on-call members once the snooze window ends or if the incident is manually unsnoozed. Choose between two modes:
      • Snooze mode Relative: Snooze incidents for a specified timeframe, e.g. 10 minutes.
      • Snooze mode Absolute: Snooze an incident until a specified time of day. By default, the incident will unsnooze the next time (“Next Possible”) the selected time is reached after the snooze period ends. Optionally, you can choose a weekday to specify exactly when it should unsnooze.
    • While snoozed, there are no auto-escalations, and no notifications are sent regarding the incident.
    • Once unsnoozed - no matter if manually or because the snooze window ends - Tier 1 on-call members are alerted and any potential auto-escalations will begin.
    • If an incident resolves itself during the snooze period, it remains snoozed and does not alert your team.
    • To view and manage snoozed incidents, enable the Include Snoozed filter in the incident overview.
  3. Here, Team Administrators can add Maintenance Windows for the integration.
    • Muted: For muted integrations, you will receive a payload and we’ll create an incident. However, we won’t send any notifications.
    • Maintenance: For maintenanced integrations, you will receive a payload. However, we won’t create an incident nor will we send any notifications.
  4. Once you’ve created an integration of type Webhook, you can send HTTP requests to the integration’s URL. Every request sent to this address will show up as a new payload in the Payload Mapping tab (see below), from which we’ll extract attributes and map these to incidents. Moreover, you can adjust the authentication setting for your URL.
  1. Now it’s time to look at the Payload Mapping tab.
  2. You can find the webhook URL you need to send alerts to All Quiet above the tab.
  3. You can see payloads that were received by All Quiet in the top row pane and select them as a template / example for your attribute mapping.
    Cannot find your payload? Check, if you sunccessfully connected the integration. Also, we can only receive webhook requests that are smaller than 3mio bytes (3MB).
  4. The payload will always be in JSON format and wrap other formats like HTML or XML depending on your payload. We show the JSON in a json-edit-react component for better visability and usability.
  5. Below you can find the mapping component that maps the payload to an All Quiet incident. More on that, below.
  6. We always show a live preview of an incident created from payload and mapping, so you always get immediate feedback when configuring the mapping.
  7. You can trigger test incidents to see if everything works as expected and save your mapping.
To send a payload to your Webhook, issue the following cURL command to send a form post to a webhook integration. The payload will show up under the field Latest Payloads. Please note that you need to adjust the URL to your unique integration’s URL. 
curl -X POST 'https://allquiet.app/api/webhook/12fa90f1-9f01-41a8-8fe5-b5d385dac03d' \
-H 'Content-Type: application/json' \
-d '{"alertName": "My Monitor", "alertStatus": "Failed", "description": "From cURL"}'
Learn more about generic webhooks here: Connect Generic Webhooks.

Triggering Dummy Incidents

To get a practical understanding of All Quiet’s incident handling, you have the option to initiate a dummy incident. This feature allows you to simulate a real incident by using the current request payload example alongside your established mapping configurations. When you trigger a dummy incident, the system will execute all the usual processing steps. This includes sending out notifications to your teams and managing any outgoing integrations. This simulation is an effective way to experience firsthand how All Quiet will respond in an actual operational scenario. It’s an invaluable tool for verifying that your configurations and mappings will behave as expected during a live incident. Here’s how to trigger a dummy incident:
  1. Navigate to the Payload section, where you’ll see your saved request payload for testing.
  2. Review your Mapping settings to ensure they’re correctly configured to simulate the desired incident conditions.
  3. Click on Trigger Dummy Incident to start the simulation. You’ll observe the full cycle of incident processing as if it were a genuine alert.

Mapping Payloads

To map a payload’s JSON to an actual incident you need to define a set of mapping rules. Those rules are defined in an intuitive UI. To allow you to conveniently configure your mapping, your changes are automatically applied to a preview of an incident.

How does attribute mapping work?

With attribute mapping you can map the payload of your integration to the defined data structure of All Quiet’s incidents.

Quick Example

Let’s assume, we’ve created an integration of type Webhook. We can use the following CURL command below as an example to trigger the webhook: 
curl -X POST 'https://allquiet.app/api/webhook/12fa90f1-9f01-41a8-8fe5-b5d385dac03d' \
-H 'Content-Type: application/json' \
-d '{"alertName": "My Monitor", "alertStatus": "Failed", "description": "From cURL"}'
Then, we can map the payload to an incident with this deafault attribute mapping below:
  1. We can see all attributes. We will evaluate all attributes from first to last element. Learn more about reserved and required as attribute types below.
  2. For each attribute in attributes we will evaluate all mappings from the first to the last element. The result of a mapping will be passed on to the next mapping element as an input. The last result will be the attribute’s value. In this example, the attribute Status is first mapped by a jsonPath and then by a map evaluation. See below for more about our evaluation types and mapping variables.
  3. You can mark each attribute with Grouping, Hide in Previews or Image key. More on this, here.
  4. You can add further attributes for customization anytime.
  5. Below, you will always see a live preview of your All Quiet incident based on the current mapping.

Handling Multiple Payloads

If your payloads can have different structures, you can define multiple attributes for the same field/name. The first attribute that can be evaluated sunccessfully to a value will be used. In the example,
  1. We will first check if the JSONPath $.query.utm contains the value Medium or High to define the Severity.
  2. If none of those values can be found, we will use the second Severity attribute in our mapping to set the Severity to Minor.

Payload Mapping in Terraform

For our Terraform Provider, we’ve written a separate payload mapping ressource allquiet_integration_mapping. If you don’t use this resource, your integrations will implicitly follow our default mappings. If you want to adjust the mapping, we’ve prepared template allquiet_integration_mapping resources.

Reserved and required attributes

You can map as many attributes with any name you like. There are a few reserved and required attributes though:
PropertyDescriptionAllowed Values
CorrelationIdOptionalUse this attribute to uniquely identify and correlate your incidents. If omitted, a hash of all attributes is used to uniquely identify the incident.
StatusRequiredOpen, Resolved
SeverityRequiredMinor, Warning, Critical
TitleOptionalIf omitted, defaults to your integration’s name

Optional, additional attribute Keys

TypeDescriptionValues
ImageOptionalBooleanIf your payload includes a URL, you can use this as an additional specification of an object to show the image in All Quiet
Hide in PreviewsOptionalBooleanWhen activated for attributes, these will not be shown in incident email and on the incident overview in Web and App, but only in the incident details.
GroupingOptionalBooleanWhen setting Grouping = true for certain attributes, incidents that have the same values for these attributes will be grouped as long as one of these incidents is open and not resolved. If you set isGroupingKey = true for more than one attribute, incidents will only be grouped if the values for all attributes match. By including “groupingWindowInSeconds” in your mapping, any new incidents that match the grouping criteria will only create incidents within the group within the grouping window that is defined by seconds since last update of any incident in the group. After the grouping window is over, new incidents will create new incident groups and alert your on-call colleagues.

Evaluation Types

Each attribute must hold exactly one of the following evaluation types:
TypeDescription
jsonPathA JSONPath expression to map JSON (goessner.net/articles/JsonPath)
xPathA XPath expression to map HTML or XML. ( w3schools)
regexA regular expression to extract parts of text. The regex is evaluated with the .NET/C# flavor. If groups are matched, the named group “result” is returned. If no group is named “result” the last group is returned. If no groups are found the whole match is returned. ( regex101.com)
mapA simple map expression mapping values from A to B. The expression A->1,B->2,->3 will map the value “A” to “1” and “B” to “2” and fallback to “3” if no match is found. You can also omit the fallback. The result will then evaluate to the original value.
staticA static string. The result will always be this string.

Variables

You can use variables in any of your mappings like this {{ previousIncident.status }}. Variables are evaluated once all mappings within an attribute have been evaluated. The names are case-insensitive. You can reference the current incident with {{ currentIncident.someAttributeName }} and the previous incident with {{ previousIncident.someAttributeName }}.

Common examples

Combine strings of other attributes

To combine the values of the “Category” and “Threshold” attributes use the following attribute mappings:
ConcatenationWithVariables.JSON
{
  "Attributes": [
    {
      "Name": "Category",
      "Mappings": [
        {
          "Static": "Alerts"
        }
      ]
    },
    {
      "Name": "Threshold",
      "Mappings": [
        {
          "Static": "42"
        }
      ]
    },
    {
      "Name": "Combined",
      "Mappings": [
        {
          "Static": "The category is {{ currentIncident.category }} with a threshold of {{ currentIncident.threshold }}"
        }
      ]
    }
  ]
}

JSONPath examples

Extract elements by property To get the value of the “Return-Path” field of the “headers” array, use $.headers[?(@.field=='Return-Path')].value for the following JSON:
JSONPathExample.JSON
{ "headers": [{ "field": "Return-Path", "value": "" }] }

XPath examples

Extract elements by preceding tag value To get the value of the “Server” field, i.e. the value of the td that follows a td with value “Server” use //table/tr[td='Server']/td[2] for the following HTML: 
<body>
    <table>
        <tr>
            <td>Severity</td>
            <td>Critical</td>
        </tr>
        <tr>
            <td>Server</td>
            <td>prod1</td>
        </tr>
    </table>
</body>

Regex examples

To get the value “my-server” after a colon followed by space use [: ](?[^: ]*)$ for the following text:
Any label here: my-server
Note the use of the named group “result”. Since it’s the only group, the naming of the group could also be ommitted.

Duplicating Integrations

If you want to create a new integration based on one you’ve already set up, you can duplicate it via the inbound integrations overview.

How to Use One Integration For Several Teams

This requires a the Routing Rule with “Assign to Team” action which is available on Pro and Enterprise plans.
Here’s how you can send incidents from one integration to multiple teams:
  1. Create a “Root” team. This team is only used to create integrations that are shared across several teams. There should be no on-call schedules for your Root team.
  1. Create the integrations you want to share across multiple teams in your “Root” team.
  1. Create advanced routing rules in the root team. Define for which conditions incidents are assigned to different teams. Below, you can find examples of different routings for incidents created via “Root” team’s AWS CloudWatch integration. In the payload mapping, we added the attribute “Team”. Based on the values of the attribute, we route incidents to different teams:
    1. Condition: Team = Core → Then Action: Assign to Team “Core” → Escalations in Team “Core” start
    2. Condition: Title = Backend → Then Action: Assign to Team “Backend” → Escalations in “Backend” start
Here’s an example for an incident that got routed from “Root” to the team “Core”.
  1. Notice that the incident was created in the “Root” team, the team associated with the AWS CloudWatch integration.
  2. As the incident included the attribute “Team” with value “Core”…
  3. …the incidents was instantly assigned to “Core” team…
  4. …and Core’s Tier 1 members were notified.

Built-in Integrations

Receive alerts from your observability tools. We offer generic email and webhook as well as a growing number of pre-built integrations:

AppSignal

AWS Cloudwatch

Azure Monitor

Checkly

Cisco AppDynamics

Cron Job Monitor

CrowdStrike

Dash0

Datadog

Dynatrace

Elastic Observability

Email

Google Cloud Monitoring

Grafana

Heartbeat Monitor

Honeycomb

Jira

Linear

Microsoft Teams

Netdata

New Relic

Ping Monitor

Pingdom

Prometheus

PRTG Network Monitor

Rollbar

Sentry

SigNoz

Site24x7

Slack

Splunk

UptimeRobot

Webhook

Website / HTTP Monitor

Zabbix

Zapier

Propose a new integration

Didn’t find your tool here? Upvote or add your preferred integration to our roadmap, and we’re happy to ship it. 🚢

API and Webhook Rate Limits

Our current rate limits for all integrations in order to protect the functionality of the platform for all customers: API: 30 unique requests per URL within 20s | Webhook Payloads: 50 requests per integration within 20s