    Alert Central Ticketing


      My company is looking for the ability to both manual and automatically create tickets via emails to our ticketing system. Alert Central will be configured to receive alerts from multiple sources and having it create the tickets makes more sense the multiple integrations. Our NOC is requesting the ability control which alerts generate tickets to prevent too many erroneous tickets from being created. Could this be handled through an escalation or assignment? Critical alerts will need to automatically generate a ticket to remove the possibility of a missed notification. Any help is greatly appreciated.





          You can do this, but you need to make up for a few points where AC is lacking.


          I currently use a ticketing platform called Connectwise, and It has an e-mail collector that allows you to create tickets by sending an e-mail to a predefined e-mail address.

          Here is how I have my POC configured:


          1. Alerting Platform sends alert to Alert Central.
          2. Alert Central checks the From, and sees it's from our automated alerting system. (We want these to create tickets)
            1. If it was from another source, I route it differently.
          3. Once it finds a "Rule" that it fits into, it collects the Device, Severity, Summary, Etc. and sends it to a group configured to create tickets.

                 (This is where the fun starts, and where you need to work around AC)

          In each group, I have a member called "Ticket". I've configured that member to receive alerts in plain text, so our ticketing system formats it correctly.

          • "Ticket" and the other group members are on a calendar.
          • Ticket is on the calendar 24/7, as the others are on it for their availability.


          When the AC alert is generated, It sends it out to everyone on that calendar. This way my ticketing system is notified and creates a ticket, but AC continues to notify everyone else.

          **** You could configure this in just the opposite. If you want certain users to be notified but not have a ticket created, simply create a group that doesn't have "Ticket" in it. ***

          I think my situation is a little complex, but it works. I have the ticketing system send an update e-mail to alert central once the ticket is closed.

          I also have it configured to send an ACK to Alert Central when the status of the ticket is updated. That way, If someone works the ticket before it's Acked in Alert Central, the alert is auto Acked by the ticketing system. This becomes really helpful as some teams don't really want to ACK alerts. All they want is for the on-call staff to be notified vs everyone on their team. If the scheduled employees miss the alert, then it continues along the escalation path and notifies the on-call staff. It can be a awesome thing if configured correctly.

          All of this can be performed by creating server-side mailbox rules that use auto-reply templates.

          I could upload them for you, if you would like.


          So that's a way to generate tickets with Alert Central.

          (Granted, you would need to be using a platform that creates tickets via e-mail.)


          If you want to bypass the ticket creating and just have other notified, then you would need to add another group or play with the calendar to make it work for you.

          Honestly, I've had troubles with Alert Central, but I've always found a way to make it work. You just need to play around with it and make it do what you want it to.


          Best of luck!