relate incidents with work teams

I would like to be able to relate according to the device that notifies an incident with the teams that supervises that device

This would be done by creating a well configured, business-aligned technical service configuration where each team’s business products, offerings, services, applications (and maybe even functional technology) are represented.

Then, you’d want to ensure that all of your incoming events/alerts contain rich metadata (host/node name, tags, labels, etc.) that you can create event orchestration rules that match specific metadata and then route the incoming events/alerts into the appropriate technical service, notifying the on-call team for that service.


If you are using Datadog, you might create and assign a few tags like these:

  • Service: Mobile Banking
  • Application: Mobile Deposits
  • Function: iOS Team

Then you’d create an event orchestration rule with conditions that look for those tags/values and then routes the event/alert into a service called “Mobile Banking : Deposits : iOS” and notify that on-call responder.

I’ m triying integrate Centreon with PagerDuty

I need to differentiate the alerts that come from Linux devices and Windows devices to send them to the responsible technicians of each department.

I don´t know if it is the same process that you comment


Have you seen this: or this:

I do not recommend that you create a single service named"Centreon" and integrate it there. Instead, create a new Event Orchestration and use that API token in your integration, and then you’ll be able to inspect incoming fields with your Centreon data (eg hostname) and route into fine-grained technical services for your apps, services, and associated teams. (Also, do not create a service named after your departments or teams but rather important business services and applications those departments own/support!)

This config file for Centreon shows a bit about what data you’ll be sending over to PagerDuty to create events/alerts:

Start with hostnames and if you have a structured hostname scheme, it may be easy to create event orchestration rules that match parts of that.