Skip to main content

Overview

Easyalert automatically detects and processes HTTP Request Action webhooks from Splunk AppDynamics.

Requirements

  • Splunk AppDynamics account (SaaS or On-Premises)
  • Easyalert account and active tenant
  • Admin or Account Owner permissions in AppDynamics

Setup Instructions

1

Create Integration in Easyalert

  1. Go to Integrations page from left menu
  2. Click Add Integration button
  3. Select AppDynamics as Source Type
  4. Enter a name (e.g., AppDynamics Production)
  5. Click Create to save
  6. Copy the generated Webhook URL
Example: https://api.easyalert.io/api/v1/webhooks/ingest/wh_abc123...
2

Create HTTP Request Template

Go to Alert & Respond → HTTP Request Templates → New
FieldValue
NameEasyalert Webhook
Request URLYour Webhook URL
MethodPOST
MIME Typeapplication/json
3

Configure Payload Template

Use this recommended payload:
{
  "event_name": "${latestEvent.displayName}",
  "event_guid": "${latestEvent.guid}",
  "event_id": "${latestEvent.id}",
  "policy": "${policy.name}",
  "event_time": "${latestEvent.eventTime}",
  "app_id": "${latestEvent.application.id}",
  "app_name": "${latestEvent.application.name}",
  "event_message": "${latestEvent.eventMessage}",
  "severity": "${latestEvent.severity}",
  "event_deep_link": "${latestEvent.deepLink}",
  "controller_url": "${controllerUrl}",
  "node_id": "${latestEvent.node.id}",
  "node_name": "${latestEvent.node.name}",
  "summary": "${latestEvent.summaryMessage}",
  "event_type": "${latestEvent.eventType}",
  "tier_id": "${latestEvent.tier.id}",
  "tier_name": "${latestEvent.tier.name}",
  "health_rule_id": "${latestEvent.healthRule.id}",
  "health_rule_name": "${latestEvent.healthRule.name}",
  "incident_id": "${latestEvent.incident.id}",
  "account_name": "${account.name}",
  "customer": "YOUR_CUSTOMER_NAME",
  "team": "YOUR_TEAM_NAME",
  "environment": "production"
}
4

Create Action

  1. Go to Alert & Respond → Actions → Create
  2. Action Type: HTTP Request
  3. Name: Easyalert Notification
  4. HTTP Request Template: Easyalert Webhook
  5. Click Save
5

Attach to Policy

  1. Go to Alert & Respond → Policies
  2. Edit or create a policy
  3. In Actions section:
    • On Policy Open - Warning → Easyalert Notification
    • On Policy Open - Critical → Easyalert Notification
    • On Policy Close → Easyalert Notification

Template Variables

AppDynamics uses Apache Velocity syntax (${variable}):
VariableDescription
${latestEvent.eventType}Event type (POLICYOPEN*, etc.)
${latestEvent.id}Event ID
${latestEvent.guid}Event GUID
${latestEvent.displayName}Event display name
${latestEvent.severity}Severity (INFO, WARN, ERROR)
${latestEvent.summaryMessage}Event summary
${latestEvent.eventMessage}Event message
${latestEvent.application.name}Application name
${latestEvent.tier.name}Tier name
${latestEvent.node.name}Node name
${latestEvent.healthRule.name}Health rule name
${latestEvent.incident.id}Incident ID
${policy.name}Policy name
${latestEvent.deepLink}Link to event in AppDynamics
${controllerUrl}Controller URL
${account.name}Account name

Field Mapping

AppDynamics FieldEasyalert Field
incident_id / event_idEvent ID
event_name / summaryTitle
summary / event_messageDescription
event_typeStatus mapping
severitySeverity
node_name / tier_nameHost
app_nameService
event_deep_linkURL

Event Types and Status Mapping

Event TypeEasyalert Status
POLICY_OPEN_WARNINGProblem
POLICY_OPEN_CRITICALProblem
POLICY_CONTINUES_WARNINGProblem
POLICY_CONTINUES_CRITICALProblem
POLICY_UPGRADEDProblem
POLICY_DOWNGRADEDProblem
POLICY_CLOSE_*OK
POLICY_CANCELED_*OK

Severity Mapping

AppDynamics SeverityEasyalert Severity
ERRORCritical
WARNWarning
INFOInfo

Custom Field → Tag Conversion

All custom fields you add to the template are automatically captured as tags.

Example

Added to template: 
{
  ...
  "customer": "AcmeCorp",
  "team": "backend",
  "datacenter": "EU-West",
  "cost_center": "CC-1234"
}
In Easyalert: 
tags.customer = "AcmeCorp"
tags.team = "backend"
tags.datacenter = "EU-West"
tags.cost_center = "CC-1234"

Routing Examples

Escalation Routing: 
tags.customer equals "AcmeCorp" → Acme Corp Policy
tags.app_name equals "Payment Service" → Payment Team Policy
tags.environment equals "production" → Production Policy
Notification Rules: 
tags.severity equals "ERROR" → call + sms + email
tags.tier_name equals "Database" → DBA Team channel

Test

curl -X POST "YOUR_WEBHOOK_URL" \
  -H "Content-Type: application/json" \
  -d '{
    "event_name": "High CPU Alert",
    "event_guid": "test-123",
    "event_type": "POLICY_OPEN_CRITICAL",
    "severity": "ERROR",
    "app_name": "TestApp",
    "node_name": "server-01",
    "summary": "CPU exceeded 90%",
    "event_deep_link": "https://appdynamics.example.com",
    "incident_id": "INC-001",
    "customer": "TestCustomer",
    "team": "test-team"
  }'

Troubleshooting

  1. Verify HTTP Request Template is configured correctly 2. Check that action is added to the policy 3. Verify health rule is enabled and triggering 4. Test template from AppDynamics UI
  1. Verify field is added to webhook payload template 2. Check field name spelling 3. View webhook samples in Easyalert
  1. Verify “On Policy Close” action is configured in policy 2. Check incident_id is consistent between open and close events 3. Ensure event_type includes POLICY_CLOSE events
  1. Ensure variables include node and tier 2. Some events may not have node-level data 3. Use tier as fallback when node is empty
  1. Test template with “Test” button in AppDynamics 2. Check variable syntax (Apache Velocity) 3. Ensure all referenced fields exist

Best Practices

Use incident_id for event correlation to properly group and resolve related alerts.
Include close/cancel events in your policy to automatically resolve incidents in Easyalert.
Include customer, team, environment in payload for escalation routing.
Monitor business transaction health for business-impact visibility.