Documentation forSolarWinds Incident Response

Using the Integration

Trigger Incidents from Slack

You can trigger incidents in Incident Response directly from a Slack Channel.

To trigger an incident from Slack:

  1. Navigate to your Slack channel, type /create_incident, and click Incident Response - Create an incident in Incident Response.

  2. In the pop-up

    1. Pick the Service for which you want to trigger the incident
    2. Give the incident a meaningful title

    3. Provide an informative description if needed

    4. Add an Assignee for the incident, it can be a user/squad/escalation policy

    Click on Submit

  3. You will now be able to see the newly triggered incident in Incident Response. You will also be notified in the globally configured or the Service specific Slack Channel for the same.

You can create an incident for an ongoing conversation/thread, simply click on More Actions -> Create an Incident.

A modal will open up, and follow the same steps as mentioned above to create an incident.

Incident Actions

When an incident is triggered, the incident notification message in Slack will display options for the following incident actions:

Action Description
Acknowledge Acknowledge the incident
Reassign Reassign the incident
Resolve Resolve the incident
Add a Note Add a note to the incident
Attach Runbooks Attach a runbook to an incident
Create Incident Channel Create a Slack channel for an incident
Add Communication Channel Add a communication channel for the incident
Update Tags Add a tag for the incident

Slack Commands

Here is a list of Slack commands that you can use to perform actions of incidents using Incident Response.

Common Commands

These commands will work anywhere within Slack. When you perform the below commands the system will take the respective actions.

Command Description
/create_incident /sq /sq create /sq new To provide incident details and create a new incident
/sq help /squadcast help /sq man /squadcast man Displays all the slack commands
/sq oncall To check who is currently on-call

Incident Specific Channel Commands

These commands will work only in the channels created for incidents specifically. When you perform the below commands the system will take the respective actions.

Command Description
/sq acknowledge /sq ack Helps to acknowledge an incident
/sq reassign Helps to reassign an incident
/sq resolve Helps to resolve an incident
/sq add_notes Helps to add notes to an incident
/sq tags Helps to add/update tags to an incident
/sq add_runbooks Helps to attach/detach runbooks to an incident
/sq comms Helps to add a communication card to an incident
/sq pm /sq postmortem /sq retro /sq retrospective Helps to create a postmortem for an incident
/sq archive Helps to archive an incident-specific channel