LogoLogo
Login to CortexBook a DemoCortex Academycortex.io
  • Cortex Docs
  • Cortex Quick Start
  • Ingesting data into Cortex
    • Managing Entities
      • Adding entities
        • Add services
        • Add domains
        • Add teams
        • Add custom entity types
        • Defining dependencies
      • Entity details page
      • Defining ownership
      • Defining relationship types
      • Grouping entities
      • Adding external documentation
      • Adding Deploy data
      • Adding custom data
      • Viewing discovered entities
      • Archiving entities
      • Relationship graph
      • Using On-call Assistant for incidents
      • Managing Terraform infra in Cortex
    • Managing Catalogs
    • Integrations
      • Internally hosted integrations
      • ArgoCD
      • AWS
      • Azure DevOps
      • Azure Resources
      • BambooHR
      • Bitbucket
      • BugSnag
      • Buildkite
      • Checkmarx
      • CircleCI
      • ClickUp
      • Codecov
      • Coralogix
      • Custom webhook integrations
      • Datadog
      • Dynatrace
      • Entra ID (Azure AD)
      • FireHydrant
      • GitHub
      • GitLab
      • Google
      • Grafana
      • incident.io
      • Instana
      • Jenkins
      • Jira
      • Kubernetes
      • LaunchDarkly
      • Lightstep
      • Mend
      • Microsoft Teams
      • New Relic
      • Okta
      • Opsgenie
      • PagerDuty
      • Prometheus
      • Rollbar
      • Rootly
      • Sentry
      • ServiceNow
      • Slack
      • Snyk
      • SonarQube
      • Splunk Observability Cloud (SignalFx)
      • Splunk On-Call (VictorOps)
      • Sumo Logic
      • Veracode
      • Wiz
      • Workday
      • xMatters
  • Scorecards
    • Initiatives and Action items
      • Creating issues based on Initiatives
    • Scorecard rule exemptions
    • Scorecard rule filters
    • Scorecard examples
    • Scorecards as code
  • Reports
    • Executive report
    • All Scorecards report
    • Bird's eye report
    • Progress report
    • Report card
  • Eng Intelligence
    • Custom Metrics
    • Jira Metrics
    • Metrics Explorer (Beta)
  • Cortex Query Language (CQL)
    • Using CQL reports
    • Using JQ in Cortex
  • Workflows
    • Creating a Workflow
      • Workflows as code
    • Blocks
    • Running a Workflow
    • Registering a Scaffolder template
      • Scaffolder advanced usage
    • Using a Workflow to sync in ArgoCD
    • Kicking off a Jenkins pipeline in a Workflow
    • Calling internal service endpoints in a Workflow
  • Plugins
    • Creating a plugin
      • Creating a plugin proxy
    • Migrating Backstage plugins to Cortex
  • Engineering homepage
  • Workspace Settings
    • Using GitOps for Cortex
      • GitOps logs
    • Managing users
      • Roles and permissions
        • Custom roles
        • Team ownership entity editing
      • Configuring SSO
        • Microsoft Entra ID
        • Google
        • Other OIDC providers
        • Okta
          • Okta SCIM
      • Configuring identity mappings
      • Onboarding management
    • API keys, secrets, and tokens
      • Secrets
      • Personal tokens
    • Audit logs
    • Entity settings
      • Data verification
      • Auto archiving entities
    • IP allowlist
    • Notifications
      • Notification logs
    • Customizing your workspace
    • Using search in Cortex
  • Cortex API
    • REST API operations
      • API Keys
      • Audit Logs
      • Catalog Entities
      • Custom Data
        • Custom Data (Advanced)
      • Custom Events
      • Custom Metrics
      • Dependencies
      • Deploys
      • Discovery Audit
      • Docs
      • Eng Intel: User Labels
      • Entity Relationship Types (Beta)
      • Entity Relationships (Beta)
      • Entity Types
      • GitOps Logs
      • Groups
      • Initiatives
      • Integrations APIs
        • Azure Active Directory (Entra ID) API
        • Azure Resources API
        • AWS API
        • Azure DevOps API
        • CircleCI API
        • Coralogix API
        • Datadog API
        • GitHub API
        • GitLab API
        • incident.io API
        • LaunchDarkly API
        • New Relic API
        • PagerDuty API
        • Prometheus API
        • SonarQube API
      • IP Allowlist
      • Notification Logs
      • On call
      • Packages
      • Plugins
      • Queries
      • SCIM
      • Scorecards
      • Secrets
      • Team Hierarchies
      • Teams
      • Workflows
Powered by GitBook
On this page
  • How to configure incident.io with Cortex
  • Prerequisites
  • Configure the integration in Cortex
  • How to connect Cortex entities to incident.io
  • Discovery
  • Editing the entity descriptor
  • Trigger an incident
  • Expected results
  • Scorecards and CQL
  • Still need help?​

Was this helpful?

Export as PDF
  1. Ingesting data into Cortex
  2. Integrations

incident.io

Last updated 2 months ago

Was this helpful?

is an incident management and alerting platform.

Integrating incident.io with Cortex allows you to:

  • directly from Cortex

  • View incident data on entity pages in Cortex

  • Create that track progress and drive alignment on projects involving incidents

How to configure incident.io with Cortex

Prerequisites

Before getting started:

  • Create an with the following scopes:

    • Create incidents

    • View all incident data, including private incidents

    • View data like public incidents and organization settings

    • View catalog types and entries

Configure the integration in Cortex

  1. In Cortex, navigate to the :

    1. In Cortex, click your avatar in the lower left corner, then click Settings.

    2. Under "Integrations," click incident.io.

  2. Click Add configuration.

  3. Configure the incident.io integration form:

    • Account alias: Enter the alias for your configuration.

    • API key: Enter your incident.io API key.

  4. Click Save.

Once you save your configuration, you'll see it listed on the integration's settings page in Cortex. If you’ve set everything up correctly, you’ll see the option to Remove Integration in Settings.

You can also use the Test all configurations button to confirm that the configuration was successful. If your configuration is valid, you’ll see a banner that says “Configuration is valid. If you see issues, please see documentation or reach out to Cortex support.”

The incident.io integration has multi-account support. You can add a configuration for each additional instance by repeating the process above.

Each configuration requires an alias, which Cortex uses to correlate the designated instance with registrations for various entities. Registrations can also use a default configuration without a listed alias. You can edit aliases and default configurations from the incident.io page in your Cortex settings. Select the edit icon next to a given configuration and toggle Set as default on. If you only have one configuration, it will automatically be set as the default.

How to connect Cortex entities to incident.io

Discovery

By default, Cortex will try to "best-guess" the corresponding custom field value in incident.io for all catalog-based custom fields.

Cortex first looks up a custom field values using the name (e.g. My Entity), then the entity identifier (e.g. my-entity). For example, if your entity name is "My Entity," then the corresponding custom tag field in incident.io should either be "My Entity" or "my-entity."

Editing the entity descriptor

x-cortex-incident-io:
  customFields:
  - name: Entity
    value: My Entity
    alias: my-default-alias
Field
Description
Required

name

Name for the entity (from customFieldName)

✓

value

Display name for the entity in Cortex

✓

alias

Alias for the configuration in Cortex (only needed if you have opted into multi-account support)

x-cortex-incident-io:
  customFields:
  - id: Entity_ID
    value: my-second-entity
    alias: my-other-alias
Field
Description
Required

id

ID for the entity (from customFieldID)

✓

value

Tag for the entity in Cortex

✓

alias

Alias for the configuration in Cortex (only needed if you have opted into multi-account support)

Trigger an incident

While viewing an entity in Cortex, you can trigger an incident in incident.io:

  1. In Cortex, navigate to an entity. On the left side of an entity details page, click On-call & incidents.

  2. In the upper right side of the entity's "On-call" page, click Trigger incident.

  3. Configure the incident modal:

    • Summary: Enter a title for the incident.

    • Description: Enter a description of the incident.

    • Severity: Select a severity level.

  4. At the bottom of the modal, click Trigger incident.

    • A confirmation screen will appear. In the confirmation, click the link to view the incident in incident.io.

Expected results

Entity pages

Once the integration is set up, incident data will appear on entity details pages.

Active incidents detected in incident.io will appear on an entity's details page in the Operations block under the Overview tab. More detailed information is also available under the Operations tab.

Integrations - incident.io

Incident data will also be pulled into the incident.io page under the On-call & incidents page in the entity's sidebar.

Scorecards and CQL

With the incident.io integration, you can create Scorecard rules and write CQL queries based on incident.io incidents.

Check if incident.io service is set

Check if entity has a registered incident.io custom field value in its entity descriptor.

If no registration exists, Cortex will try to automatically detect which corresponding incident.io custom field value is associated with the entity.

Definition: incidentio (==/!=) null

Example

For a Scorecard focused on operational maturity, you can use this expression to make sure each entity has an incident.io project set:

incidentio != null
Incidents

List incidents, filterable by severity and status.

  • Created at

  • Mode

  • Name

  • Severity

  • Status

  • Summary

  • Type

  • URL

Definition: incidentio.incidents()

Examples

To assess entities' health in a Scorecard, you can write a rule to make sure a given entity has fewer than three incidents with a severity of SEV1:

incidentio.incidents(severity = ["SEV1"]).length < 3

You can also use this expression to query for entities that have two or fewer critical incidents in the last three months:

  incidentio.incidents(severity = ["Critical"]).filter((incident) => incident.createdAt.fromNow() > duration("-P90D")).length <= 2

The following options are available to get assistance from the Cortex Customer Engineering team:

  • Chat: Available in the Resource Center

  • Slack: Users with a connected Slack channel will have a workflow added to their account. From here, you can either @CortexTechnicalSupport or add a :ticket: reaction to a question in Slack, and the team will respond directly.

Don’t have a Slack channel? Talk with your Customer Success Manager.

Configure the integration for multiple incident.io accounts

See more examples in the in Cortex.

Still need help?

Email: , or open a support ticket in the in app Resource Center

​
CQL Explorer
​
help@cortex.io
incident.io
incident.io API key
incident.io settings page
Trigger an incident
Scorecards