Automate Incident Creation (Incident Rules)

Incident rules can create incident based on defined rule sets

Create incidents automatically via Incident Rules via the main page of a Service under Service Definition.


Incidents are created automatically when Incident Rules are matched. OpsGenie's Integrations Rules automatically process incoming data, create a new Alert, and forward the Alert data to the Incident Management Rule engine. If the Alert data matches specified conditions (Incident Rules), OpsGenie creates an Incident and associates the raw alert with the Incident (in a parent-child relationship).


Auto-matched Alert Behavior

After an incident is opened, alerts matching the Incident Rules become Associated Alerts under the incident automatically, and no notification is sent. This aims to reduce alert fatigue.

Therefore, it is important to close your incidents in a timely manner, because notifications are not sent for alerts matching an open incident.

If the incident in question is resolved or closed, and a matching alert is processed, a new incident is opened and notifications are sent.

The automatically created Incident notifies the Responders and Stakeholders listed under the particular Service, according to communication channels specified by users or by any Notification Template.

To automate incident creation
Define and specify Incident Rules β€”β€Š and Responders and Stakeholders β€”β€Š in the Services area of your Team Dashboard, as described, in Adding and Editing Services.

Incident rules let you customize how your incidents are created. If the alert data matches the defined conditions, this creates an Incident based on the defined fields. Like many OpsGenie engines, the Incident Rules operate on If/Then statements and matching conditions.


Designate the conditions for which to match alerts to create an incident. The incident automatically created from the alert includes the fields (message, description, tags, etc.) as configured under the Incident Rules.