PRTG integration for Splunk On-Call (Legacy email version)

Configure the PRTG legacy integration for Splunk On-Call.

PRTG is a highly flexible and generic software for monitoring IT infrastructure. The following documentation will walk you through how to send PRTG notifications to the Splunk On-Call timeline by using the generic email endpoint.

Requirements

This integration is compatible with the following versions of Splunk On-Call:

  • Starter

  • Growth

  • Enterprise

To ensure incidents are resolved correctly, choose static fields for the Critical and Resolved subject lines.

Splunk On-Call configuration

In Splunk On-Call, select Integrations > PRTG.

If the integration isn’t active, select Enable Integration to generate your endpoint URL. Make sure to replace the $routing_key section with the actual routing key you want to use.

Activate PRTG integration

PRTG configuration

  1. From the main dashboard, select Setup > Account Settings > Notifications.

  2. Select Add new notification.

  3. Give the notification a name.

  4. Make sure the status is set to :Started. Under Notification summarization, set the Method to Always notify ASAP.

Create an incident

  1. Use the following text as the subject line: [%sitename] %device %name CRITICAL

  2. Select the check box for Send email. This expands the email settings.

  3. Paste your Splunk On-Call email endpoint address into the Send to Email Address field.

Resolve an incident

If you want PRTG to send a recovery email to close the incident in Splunk On-Call when a monitored device recovers, you need to:

  1. Create a separate notification using another email that uses this text as the subject: [%sitename] %device %name RECOVERY

  2. Set the Format field to Text, then select Save.

  3. To test the integration, return to the Notifications, find your newly created Splunk On-Call notification method and select Test. This triggers an incident in your Splunk On-Call timeline.