Prometheus/Alertmanager/ST2- How to extract values from json(from webhook trigger) and pass it to next task in workflow

Hello. I’m new to stackstorm. I have alertmanager setup with stackstorm webhook as receiver( when alert trigger it will post below data to st2 webhook) …I’m trying to setup a workflow to extract values( here I’m trying to get service and host from below json/labels ) from the trigger json and publish it to a value which can be used in later tasks in workflow( like restart service on remot host using ansible). How can I extract values and publish ?? TIA

{
“status”: “processed”,
“occurrence_time”: “2020-12-15T20:38:27.000000Z”,
“trigger”: “core.2cdd5c9e-2c4b-427d-99a8-666dceb91da5”,
“id”: “5fd91ec3643dbbbefdb548e1”,
“payload”: {
“body”: {
“status”: “firing”,
“groupLabels”: {
“alertname”: “system unreachable”,
“service”: “telegraf”
},
“groupKey”: “{}/{receiver=“stackstorm”}:{alertname=“system unreachable”, service=“telegraf”}”,
“commonAnnotations”: {
“identifier”: “some.fqdn.net:9126”,
“description”: " system has been unreachable for more than 5 minutes."
},
“alerts”: [
{
“status”: “firing”,
“labels”: {
“severity”: “critical”,
“service”: “telegraf”,
“host”: “some.fqdn.net:9126”,
“environment”: “Development”,
“instance”: “some.fqdn.net:9126”,
“job”: “dev-telegraf”,
“alertname”: “system unreachable”,
“receiver”: “stackstorm”
},
“endsAt”: “0001-01-01T00:00:00Z”,
“generatorURL”: “http://prometheus.alertmanager.fqdn.net:9090/graph?g0.expr=up{job%3D"syslog-ng-dev-telegraf"}+%3D%3D+0&g0.tab=1”,
“startsAt”: “2020-12-15T20:37:57.226891198Z”,
“annotations”: {
“identifier”: “some.fqdn.net:9126”,
“description”: " has been unreachable for more than 5 minutes."
}
}
],
“version”: “4”,
“receiver”: “stackstorm”,
“externalURL”: “http://10.01.12.12:9093”,
“commonLabels”: {
“severity”: “critical”,
“service”: “telegraf”,
“host”: “some.fqdn.net:9126”,
“environment”: “Development”,
“instance”: “some.fqdn.net:9126”,
“job”: “dev-telegraf”,
“alertname”: “system unreachable”,
“receiver”: “stackstorm”
}
},
“headers”: {
“X-Request-Id”: “97fe5a69-47a3-4291-9b68-8e512cf61e48”,
“X-Forwarded-For”: “10.01.12.12”,
“Content-Length”: “1342”,
“User-Agent”: “Alertmanager/0.15.2”,
“Host”: “stackstorm-dev.com”,
“X-Real-Ip”: “10.01.12.12”,
“Content-Type”: “application/json”
}
}
}

You can use jinja syntax to get values from your incoming JSON.
"{{ trigger.body.status }}" which should result in "processed"

This then can be passed to the action on the Rule that had webhook as the trigger. This underlying action is associated with Orquesta based workflow which should be doing most of the work you intended.

1 Like

If you can hit the endpoint with postman…easiest thing to do is to use core.echo action with the above jinja syntax to generate desired values for sanity check before you pull them in your workflow. Hope that helps.

1 Like

Thanks @arms11 for the response. it worked

it worked thanks again