Email Integration: Alerting and Incident Management Solutions

Apr 20, 2016 by Berkay Mollamustafaoglu

In the coming weeks OpsGenie will help buyers looking for a reliable, scalable, and customizable alerting and incident management solution by assessing features, toolsets, and functionality in a comprehensive comparison between OpsGenie, Pagerduty, and VictorOps through a series of detailed blog posts. It is our goal to shed light on who does what, and the stark realities between the three popular technologies. OpsGenie will concentrate on areas within our platform that we believe are extremely important when looking for an alerting and incident management solution for the dev&ops and IT community in general. This week we will focus on Email Integration.

PART 1: Email Integration -- A comparative assessment of the direct contrasts between OpsGenie, Pagerduty, and VictorOps. OpsGenie’s email integration enables customers to integrate OpsGenie with any system that can send alerts via email. Email integration is the most commonly used integration method by our customers since it is easy to use and almost any system out there can send emails.

Although our competitors have it as well, our email integration is representative of what differentiates OpsGenie from our competitors; hence, it’s worth doing a comparative analysis with a couple of different use cases.

Case 1: Creating Alerts for any Received Email

The most basic use case is the ability to create an alert and notify users with as little configuration as possible.

OpsGenie

OpsGenie email integration screen

This use case is extremely simple to configure in OpsGenie. It only requires you to specify the email address and the team(s) that the alert will be routed to. With this configuration any alert sent to the specified email address becomes an alert in OpsGenie, and the appropriate people are notified according to the specified team’s policies.

VictorOps

It is also fairly straightforward to support this use case in VictorOps. An email address is automatically generated.

OpsGenie email integration screen

http://victorops.force.com/knowledgebase/articles/Integration/Generic-Email-Integration/

Users can control its routing by adding a routing key to the email address, although it seems “intelligent routing” is only available on the VictorOps Enterprise plan. https://victorops.com/pricing/

Pagerduty

Pagerduty supports email integration as well. Similar to OpsGenie, user can specify the email address and specify an escalation policy to route the alert.

https://www.pagerduty.com/docs/guides/email-integration-guide/

Case 2: Automatically Closing Alerts via Email

Monitoring tools can often send an email when the problem is resolved (Host is up, etc.). The service should be able to recognize the resolution emails and close the alerts automatically using these emails, instead of creating a separate alert for the resolution email.

OpsGenie

OpsGenie supports executing different actions when an email is received. Based on the content of the email, OpsGenie can create an alert, close it, acknowledge the alert, or add a note to it.

To accomplish executing these actions on existing alerts, OpsGenie provides an alert field (alias) to uniquely identify the “open alerts.” When the resolution email comes in, OpsGenie can identify the existing alert using the alias field, and close the alert.

To configure this behavior, an “advanced” configuration mode is used. This configuration mode exposes all configuration options, enabling customers to control how the email is processed. Email fields (subject, message, etc.) are provided as variables that can be used in filter conditions and set alert field values. Integration also supports using string processing methods to extract strings from email content.

OpsGenie close alert via email

VictorOps

VictorOps supports an automatic resolution of incidents, but only if the email subject contains predefined keywords. It creates an incident if the email subject has CRITICAL or PROBLEM and resolves the incident if the subject contains RESOLVED or OK.

In addition, automatic resolution works if the subjects of emails are exactly the same except for the predefined words. If the wording of the subject of the emails is different, if the subject has a date, etc. then the solution will not work (as indicated in the “important note” section).

http://victorops.force.com/knowledgebase/articles/Integration/Generic-Email-Integration

Pagerduty

Pagerduty also supports automatically resolving supports triggering and resolving incidents from emails using custom rules.

Pagerduty close alert via email

https://support.pagerduty.com/hc/en-us/articles/203232630-Getting-Started-with-Email-Management-How-to-Automatically-Resolve-Incidents-Triggered-via-Email

Case 3: Deduplication

The number of monitoring tools that periodically send emails when there is a problem. Although its intention is good, creating an alert for each email gets messy very fast. The service should be able to reduce the noise and create only one alert for these emails, aka deduplication.

OpsGenie

OpsGenie provides a highly flexible mechanism to deduplicate alerts. The alert alias field is used as a primary identifier for open alerts. Customers can set the value for the alias field in the integration configuration. When processing emails, the alias can be set as the subject, body, from or to fields of the email. In addition, integrations support using string processing methods such as substringBefore, substringBetween as well as regular expressions to extract any part of the email (from subject or body) and use as the alias field to deduplicate alerts.

OpsGenie string processing methods

In addition, integration strips are common prefixes used when an email is replied to, forwarded to, etc. and provides the “Conversation Subject” field to make it easier to deduplicate these emails.

VictorOps

VictorOps does not seem to have a configurable deduplication solution. It only deduplicates if the subject of the emails are exactly the same, except with the predefined keywords as described above. This approach is limited, at best, if you don’t have control over the content of the email (which is often the case).

Pagerduty

Pagerduty also supports deduplication using the incident key field. As it is the case for OpsGenie, Pagerduty allows parsing the email content and extract subset of the data to use as the incident key.

Case 4: Filtering

Customers often need to be able to control which emails should be allowed to create alerts. They may need to filter alerts based on the sender, only allow emails from certain addresses, or email content.

OpsGenie

OpsGenie’s email integration supports filtering out unwanted emails. Using the “ignore” action, customers can define rules to ignore emails based on the sender’s address, name, email subject, or body.

OpsGenie filtering out unwanted emails

VictorOps

VictorOps does not seem to have any means to filter out emails.

Pagerduty

Pagerduty supports discarding unwanted emails.

https://support.pagerduty.com/hc/en-us/articles/202830380-Setting-up-regular-expression-filters-in-your-PagerDuty-service

As you can imagine, we believe the capabilities OpsGenie offers for email integration are essential. You may or may not need them day one, but they are there if you do. The flexibility ensures that the solution can meet your current as well as your future needs.

Did we get anything wrong? Help us correct any mistakes in this analysis and we’ll send you a gift card or donate to your fav charity on your behalf!

Try OpsGenie for free!