Cross-Provider Workflow

Sysdig Monitor Alert and Event to Slack

Version 1.0.0

List Sysdig Monitor alerts, record a custom event, and notify Slack.

1 workflow 2 source APIs 2 providers
View Spec View on GitHub ArazzoWorkflowsCross-Provider

Providers Orchestrated

sysdig slack

Workflows

monitor-alert-event-notify
List Sysdig Monitor alerts, record an event, and notify Slack.
Lists Sysdig Monitor alerts, records a custom event, and posts a Slack notification with operational context.
3 steps inputs: eventName, slackChannel outputs: alertCount, eventId, messageTs
1
list-alerts
$sourceDescriptions.sysdigMonitorApi.listAlerts
List configured alerts in Sysdig Monitor.
2
create-event
$sourceDescriptions.sysdigMonitorApi.createEvent
Record a custom event in Sysdig Monitor marking an operational change.
3
notify-slack
$sourceDescriptions.slackChatApi.postChatPostmessage
Post a Slack notification with the recorded event context.

Source API Descriptions

openapi
sysdigMonitorApi https://raw.githubusercontent.com/api-evangelist/sysdig/refs/heads/main/openapi/sysdig-monitor-openapi.yml
openapi
slackChatApi https://raw.githubusercontent.com/api-evangelist/slack/refs/heads/main/openapi/slack-chat-openapi.yml

Arazzo Workflow Specification

sec-sysdig-monitor-alert-to-slack.yml Raw ↑ 
arazzo: 1.0.1
info:
  title: Sysdig Monitor Alert and Event to Slack
  summary: List Sysdig Monitor alerts, record a custom event, and notify Slack.
  description: >-
    An observability workflow that lists configured alerts in Sysdig Monitor, records a custom
    event marking an operational change, and posts a notification to a Slack channel so the
    on-call team has context. Demonstrates orchestrating an infrastructure monitoring platform
    with a chat platform in a single Arazzo workflow.
  version: 1.0.0
sourceDescriptions:
  - name: sysdigMonitorApi
    url: https://raw.githubusercontent.com/api-evangelist/sysdig/refs/heads/main/openapi/sysdig-monitor-openapi.yml
    type: openapi
  - name: slackChatApi
    url: https://raw.githubusercontent.com/api-evangelist/slack/refs/heads/main/openapi/slack-chat-openapi.yml
    type: openapi
workflows:
  - workflowId: monitor-alert-event-notify
    summary: List Sysdig Monitor alerts, record an event, and notify Slack.
    description: >-
      Lists Sysdig Monitor alerts, records a custom event, and posts a Slack notification with
      operational context.
    inputs:
      type: object
      properties:
        eventName:
          type: string
        slackChannel:
          type: string
    steps:
      - stepId: list-alerts
        description: List configured alerts in Sysdig Monitor.
        operationId: $sourceDescriptions.sysdigMonitorApi.listAlerts
        successCriteria:
          - condition: $statusCode == 200
        outputs:
          alertCount: $response.body#/total
      - stepId: create-event
        description: Record a custom event in Sysdig Monitor marking an operational change.
        operationId: $sourceDescriptions.sysdigMonitorApi.createEvent
        requestBody:
          contentType: application/json
          payload:
            event:
              name: $inputs.eventName
              severity: 4
        successCriteria:
          - condition: $statusCode == 200
        outputs:
          eventId: $response.body#/event/id
      - stepId: notify-slack
        description: Post a Slack notification with the recorded event context.
        operationId: $sourceDescriptions.slackChatApi.postChatPostmessage
        requestBody:
          contentType: application/x-www-form-urlencoded
          payload:
            channel: $inputs.slackChannel
            text: A Sysdig Monitor event was recorded and alerts were reviewed.
        successCriteria:
          - condition: $statusCode == 200
        outputs:
          messageTs: $response.body#/ts
    outputs:
      alertCount: $steps.list-alerts.outputs.alertCount
      eventId: $steps.create-event.outputs.eventId
      messageTs: $steps.notify-slack.outputs.messageTs