LogoLogo
Login to CortexBook a DemoCortex Academycortex.io
  • Cortex Docs
  • Cortex Quick Start
  • Ingesting data into Cortex
    • Managing Entities
      • Adding entities
        • Add services
        • Add domains
        • Add teams
        • Add custom entity types
        • Defining dependencies
      • Entity details page
      • Defining ownership
      • Defining relationship types
      • Grouping entities
      • Adding external documentation
      • Adding Deploy data
      • Adding custom data
      • Viewing discovered entities
      • Archiving entities
      • Relationship graph
      • Using On-call Assistant for incidents
      • Managing Terraform infra in Cortex
    • Managing Catalogs
    • Integrations
      • Internally hosted integrations
      • ArgoCD
      • AWS
      • Azure DevOps
      • Azure Resources
      • BambooHR
      • Bitbucket
      • BugSnag
      • Buildkite
      • Checkmarx
      • CircleCI
      • ClickUp
      • Codecov
      • Coralogix
      • Custom webhook integrations
      • Datadog
      • Dynatrace
      • Entra ID (Azure AD)
      • FireHydrant
      • GitHub
      • GitLab
      • Google
      • Grafana
      • incident.io
      • Instana
      • Jenkins
      • Jira
      • Kubernetes
      • LaunchDarkly
      • Lightstep
      • Mend
      • Microsoft Teams
      • New Relic
      • Okta
      • Opsgenie
      • PagerDuty
      • Prometheus
      • Rollbar
      • Rootly
      • Sentry
      • ServiceNow
      • Slack
      • Snyk
      • SonarQube
      • Splunk Observability Cloud (SignalFx)
      • Splunk On-Call (VictorOps)
      • Sumo Logic
      • Veracode
      • Wiz
      • Workday
      • xMatters
  • Scorecards
    • Initiatives and Action items
      • Creating issues based on Initiatives
    • Scorecard rule exemptions
    • Scorecard rule filters
    • Scorecard examples
    • Scorecards as code
  • Reports
    • Executive report
    • All Scorecards report
    • Bird's eye report
    • Progress report
    • Report card
  • Eng Intelligence
    • Custom Metrics
    • Jira Metrics
    • Metrics Explorer (Beta)
  • Cortex Query Language (CQL)
    • Using CQL reports
    • Using JQ in Cortex
  • Workflows
    • Creating a Workflow
      • Workflows as code
    • Blocks
    • Running a Workflow
    • Registering a Scaffolder template
      • Scaffolder advanced usage
    • Using a Workflow to sync in ArgoCD
    • Kicking off a Jenkins pipeline in a Workflow
    • Calling internal service endpoints in a Workflow
  • Plugins
    • Creating a plugin
      • Creating a plugin proxy
    • Migrating Backstage plugins to Cortex
  • Engineering homepage
  • Workspace Settings
    • Using GitOps for Cortex
      • GitOps logs
    • Managing users
      • Roles and permissions
        • Custom roles
        • Team ownership entity editing
      • Configuring SSO
        • Microsoft Entra ID
        • Google
        • Other OIDC providers
        • Okta
          • Okta SCIM
      • Configuring identity mappings
      • Onboarding management
    • API keys, secrets, and tokens
      • Secrets
      • Personal tokens
    • Audit logs
    • Entity settings
      • Data verification
      • Auto archiving entities
    • IP allowlist
    • Notifications
      • Notification logs
    • Customizing your workspace
    • Using search in Cortex
  • Cortex API
    • REST API operations
      • API Keys
      • Audit Logs
      • Catalog Entities
      • Custom Data
        • Custom Data (Advanced)
      • Custom Events
      • Custom Metrics
      • Dependencies
      • Deploys
      • Discovery Audit
      • Docs
      • Eng Intel: User Labels
      • Entity Relationship Types (Beta)
      • Entity Relationships (Beta)
      • Entity Types
      • GitOps Logs
      • Groups
      • Initiatives
      • Integrations APIs
        • Azure Active Directory (Entra ID) API
        • Azure Resources API
        • AWS API
        • Azure DevOps API
        • CircleCI API
        • Coralogix API
        • Datadog API
        • GitHub API
        • GitLab API
        • incident.io API
        • LaunchDarkly API
        • New Relic API
        • PagerDuty API
        • Prometheus API
        • SonarQube API
      • IP Allowlist
      • Notification Logs
      • On call
      • Packages
      • Plugins
      • Queries
      • SCIM
      • Scorecards
      • Secrets
      • Team Hierarchies
      • Teams
      • Workflows
Powered by GitBook
On this page
  • Setup and configuration
  • Registration
  • Expected results
  • Trigger an incident
  • Scorecards and CQL
  • Still need help?​

Was this helpful?

Export as PDF
  1. Ingesting data into Cortex
  2. Integrations

FireHydrant

Last updated 2 months ago

Was this helpful?

is an incident management platform that emphasizes reliability and consistency across the entire incident response lifecycle. By integrating FireHydrant with Cortex, you can drive insights into past incidents and directly from the platform.

Setup and configuration

Getting started

In order to connect Cortex to your FireHydrant instance, you’ll need to create a .

Configuration

Once you've created the API key, you can add it under API token in in Cortex. After you've pasted in the API key, click save.

Registration

See the for instructions on importing entities.

Entity descriptor

For a given entity, you can define FireHydrant services by ID or slug. Each of these has the same field definitions.

Field
Description
Required

identifier

Service ID or slug

✓

identifierType

Type of identifier (ID or SLUG)

✓

x-cortex-firehydrant:
  services:
    - identifier: ASDF1234
      identifierType: ID

You can find the service ID value by visiting FireHydrant → Catalog → Services. The URL for the service will also contain the ID (e.g. https://app.firehydrant.io/catalog/services//incidents).

If you prefer to use the service slug in the registration instead, you can find it on the right-hand side of the service page in FireHydrant.

x-cortex-firehydrant:
  services:
    - identifier: service-slug
      identifierType: SLUG

Expected results

Entity pages

When active incidents are detected in FireHydrant, Cortex will display incident information on an entity's details page in the Overview tab. .

On-call and incidents

Detected incidents will appear in the entity's On-call & incidents page.

Each issue will be listed with its title and description (when available). Cortex will also display the status for an issue as a badge next to its name:

  • Acknowledged

  • Closed

  • Detected

  • Identified

  • Investigating

  • Mitigated

  • Postmortem completed

  • Postmortem started

  • Resolved

  • Started

The issue's severity will also appear in a badge (e.g. SEV0, SEV1, SEV2).

Trigger an incident

While viewing an entity in Cortex, you can trigger an incident in FireHydrant:

  1. In Cortex, navigate to an entity. On the left side of an entity details page, click On-call & incidents.

  2. In the upper right side of the entity's "On-call" page, click Trigger incident.

  3. Configure the incident modal:

    • Summary: Enter a title for the incident.

    • Description: Enter a description of the incident.

    • Severity: Select a severity level.

    • Condition: Nature of the incident - Unavailable, Partially Unavailable, Degraded, Bug, or Operational.

  4. At the bottom of the modal, click Trigger incident.

    • A confirmation screen will appear. In the confirmation, click the link to view the incident in FireHydrant.

Scorecards and CQL

With the FireHydrant integration, you can create Scorecard rules and write CQL queries based on FireHydrant incidents.

Check if FireHydrant service is se

Check if entity has a registered FireHydrant service in its entity descriptor. If no registration exists, we'll try to automatically detect which corresponding FireHydrant service is associated with the entity.

Definition: firehydrant (==/!=) null

Example

For a Scorecard focused an production readiness, you can use this expression to make sure a FireHydrant service - and thus incident response - is defined for entities:

firehydrant != null

This is also a good way to make sure over time that FireHydrant is set up properly and reporting frequently.

Incidents

List of incidents, filterable on severity and status.

  • Created at

  • Description

  • Impact condition name

  • Name

  • Severity

  • Status

Definition: firehydrant.incidents()

Examples

For a Scorecard focused on service maturity or quality, you can use this expression to make sure there are no detected or identified FireHydrant incidents with a severity rating of 1 for a given entity:

firehydrant.incidents(severity = ["SEV1"], statuses = ["Detected", "Identified"]).length == 0

You can also tier severity-based rules to indicate progress over time. While the above rule might make sense in the first or second level, a higher-severity rule might make sense in a higher level:

firehydrant.incidents(severity = ["SEV3"], statuses = ["Detected", "Identified"]).length == 0

The following options are available to get assistance from the Cortex Customer Engineering team:

  • Chat: Available in the Resource Center

  • Slack: Users with a connected Slack channel will have a workflow added to their account. From here, you can either @CortexTechnicalSupport or add a :ticket: reaction to a question in Slack, and the team will respond directly.

Don’t have a Slack channel? Talk with your Customer Success Manager.

See more examples in the in Cortex.

Still need help?

Email: , or open a support ticket in the in app Resource Center

CQL Explorer
​
help@cortex.io
FireHydrant
FireHydrant API key
FireHydrant settings
trigger new incidents
Create services documentation