Incident Parameters
Incident parameters in Site24x7 are predefined tokens (macros) that dynamically insert contextual data into third-party notifications, alert messages, notifications, and IT automations. These tokens retrieve real-time monitor and outage details, such as monitor name, alert status, time of incident, and root cause, enabling you to create informative and customized alerts.
Incident parameters can be applied to:
- IT automation templates: To dynamically pass incident-specific details during automated remediation.
- Third-party integrations: To share incident context with external tools like Slack, Teams, or ticketing systems.
- Email templates: To customize alert notifications with real-time incident data.
Use cases
- Accelerate incident communication and response by auto-filling third-party integration tools like Jira or Webhook with real-time incident data.
- Trigger precise IT automations by passing relevant values like status or reason to webhooks and scripts.
- Enhance alert clarity with contextual information for faster triage and resolution.
Configuring incident parameters
- Log in to Site24x7.
- Navigate to Admin > IT Automation Templates > Add Automation Templates.
- In the Add Automation Template screen, select the Type as Invoke URL/REST API.
- Enter a suitable Display Name and provide the target URL.
- Choose the desired HTTP Method from POST, GET, PUT, DELETE, or PATCH.
- Add any HTTP Request Headers by specifying key–value pairs in the Header Name and Header Value fields.
- Click the + icon to add more HTTP Request Headers.
- Provide the desired User Agent string if required by the external system.
- Select the Authentication Method—either Basic/NTLM or OAuth—and provide the corresponding Username and Password, if needed.
- To include real-time alert data, select Send Incident Parameters. This will auto-fill the predefined fields in the request payload.
- Add multiple pairs using & as a separator.
- Set a Timeout for the request (e.g., 15 seconds).
- Choose whether you want to Send the Automation Result via Email by toggling Yes or No.
- Click Save to complete and activate the automation.
Supported incident parameters in Site24x7
Here are the tokens supported in Site24x7 and their meaning:
Parameter | What it shows |
$STATUS | Monitor status (DOWN, UP, CRITICAL, or TROUBLE) |
$MONITORTYPE | The type of monitor (URL, PING, FTP, DNS, etc.) |
$MONITORNAME | The monitor’s display name |
$MONITORURL | The URL or resource being monitored |
$INCIDENT_TIME | The time of the incident |
$INCIDENT_REASON | Root cause or error message |
$INCIDENT_DETAILS | Any additional context |
$FAILED_LOCATIONS | Locations where the monitor failed |
$MONITOR_DASHBOARD_LINK | The direct link to the specific monitor’s dashboard |
$TAGS | Tags added to the monitor |
$MONITOR_GROUPNAME | The monitor group name at the time of alert |
$OUTAGE_TIME_UNIX_FORMAT | The UNIX timestamp of the outage |
$FAILED_CHILD_RESOURCE | The failed child resource (like interface name) |
$RCA_LINK | The link to the root cause analysis |
$OUTAGE_DURATION | The duration of the previous outage when there's a status change |
$ALERT_TIME | The time at which the alert triggered |
$ALERT_TIME_IN_TEXT | The time at which the alert was triggered in text format |
Best practices for incident parameters
- Strictly adhere to the format: Both the key and value should be within quotation marks and in a proper JSON format.
- Use only where relevant: Include incident parameters in templates (like email subjects, webhook payloads, or automation) where real-time context is needed—such as monitor name, status, and incident time.
- Choose specific tokens: Select only the parameters you need to keep the output concise and avoid clutter.
- Validate token compatibility: Ensure third-party tools can interpret the values passed by Site24x7's tokens.
- Test before deploying: Use a test monitor to trigger alerts and confirm that the tokens resolve correctly in the outgoing requests.
- Use meaningful combinations: For example, combining $MONITORNAME, $STATUS, and $INCIDENT_TIME in webhook messages gives better clarity in logs or external tools.