Help Docs

Incident Parameters

Incident parameters in Site24x7 are predefined tokens (macros) that dynamically insert contextual data into third-party notifications, alert messages, notifications, and IT automations. These tokens retrieve real-time monitor and outage details, such as monitor name, alert status, time of incident, and root cause, enabling you to create informative and customized alerts.

Incident parameters can be applied to:

Use cases

  • Accelerate incident communication and response by auto-filling third-party integration tools like Jira or Webhook with real-time incident data.
  • Trigger precise IT automations by passing relevant values like status or reason to webhooks and scripts.
  • Enhance alert clarity with contextual information for faster triage and resolution.

Configuring incident parameters

  1. Log in to Site24x7.
  2. Navigate to Admin > IT Automation Templates > Add Automation Templates.
  3. In the Add Automation Template screen, select the Type as Invoke URL/REST API.
  4. Enter a suitable Display Name and provide the target URL.
  5. Choose the desired HTTP Method from POST, GET, PUT, DELETE, or PATCH.
  6. Add any HTTP Request Headers by specifying key–value pairs in the Header Name and Header Value fields.
  7. Click the + icon to add more HTTP Request Headers.
  8. Provide the desired User Agent string if required by the external system.
  9. Select the Authentication Method—either Basic/NTLM or OAuth—and provide the corresponding Username and Password, if needed.
  10. To include real-time alert data, select Send Incident Parameters. This will auto-fill the predefined fields in the request payload.
  11. Add multiple pairs using & as a separator.
  12. Set a Timeout for the request (e.g., 15 seconds).
  13. Choose whether you want to Send the Automation Result via Email by toggling Yes or No.
  14. Click Save to complete and activate the automation.

Supported incident parameters in Site24x7

Here are the tokens supported in Site24x7 and their meaning:

Parameter What it shows
$STATUS  Monitor status (DOWN, UP, CRITICAL, or TROUBLE)
$MONITORTYPE  The type of monitor (URL, PING, FTP, DNS, etc.)
$MONITORNAME  The monitor’s display name
$MONITORURL  The URL or resource being monitored
$INCIDENT_TIME  The time of the incident
$INCIDENT_REASON  Root cause or error message
$INCIDENT_DETAILS Any additional context
$FAILED_LOCATIONS  Locations where the monitor failed
$MONITOR_DASHBOARD_LINK  The direct link to the specific monitor’s dashboard
$TAGS  Tags added to the monitor
$MONITOR_GROUPNAME  The monitor group name at the time of alert
$OUTAGE_TIME_UNIX_FORMAT The UNIX timestamp of the outage
$FAILED_CHILD_RESOURCE The failed child resource (like interface name)
$RCA_LINK  The link to the root cause analysis
$OUTAGE_DURATION The duration of the previous outage when there's a status change
$ALERT_TIME The time at which the alert triggered
$ALERT_TIME_IN_TEXT The time at which the alert was triggered in text format

Best practices for incident parameters

  • Strictly adhere to the format: Both the key and value should be within quotation marks and in a proper JSON format.
  • Use only where relevant: Include incident parameters in templates (like email subjects, webhook payloads, or automation) where real-time context is needed—such as monitor name, status, and incident time.
  • Choose specific tokens: Select only the parameters you need to keep the output concise and avoid clutter.
  • Validate token compatibility: Ensure third-party tools can interpret the values passed by Site24x7's tokens.
  • Test before deploying: Use a test monitor to trigger alerts and confirm that the tokens resolve correctly in the outgoing requests.
  • Use meaningful combinations: For example, combining $MONITORNAME, $STATUS, and $INCIDENT_TIME in webhook messages gives better clarity in logs or external tools.

What are incident parameters and custom parameters?

Was this document helpful?

Would you like to help us improve our documents? Tell us what you think we could do better.


We're sorry to hear that you're not satisfied with the document. We'd love to learn what we could do to improve the experience.


Thanks for taking the time to share your feedback. We'll use your feedback to improve our online help resources.

Shortlink has been copied!