Every problem. Deduped. Routed on rules.
A top-level Alerts page is the state-machined view of every problem ingested from a monitoring source. Per-source rules decide which severities auto-promote to tickets — stop the noisy "every Warning is a ticket" loop without losing visibility.
One row per (source, external_event_id).
Distinct from external_alert_event (the immutable audit log per webhook fire): the alerts table keeps one row per problem and transitions open → cleared as the vendor opens + clears upstream. A refire_count tracks flap.
open First fire — alert created or refire on an existing one increments refire_count.
promoted An alert_rule matched and Resolvd spawned a ticket. Cross-ref stored on the alert row.
acknowledged Assignee or admin ACKs from the Alerts page. Quiets the dashboard widget without resolving upstream.
cleared Vendor reported a clear. State machine closes the row; refire restores it to open.
Three actions. Severity + title regex narrows.
Each rule combines a severity threshold, an optional title regex, and a single action. Warnings still appear on the Alerts page + dashboard widget — they just don't manufacture a ticket each time.
promote_ticket Auto-create a ticket on the project. Severity + title regex narrow the rule.
notify_only Surface on the Alerts page and dashboard widget; no ticket spawned. Good for Warnings you want visibility on but don't want a queue entry for.
ignore Drop on the floor. Still recorded in external_alert_event for audit.
Active alerts at a glance.
Top 8 open problems with severity badge, source label, and ticket ref where promoted. Click through to the Alerts page or jump straight to the ticket. Submitter / Viewer roles see only alerts on their member projects.
Three adapters. Registry-driven.
services/integrations/registry.js is the source of truth for vendor adapters. The admin add-source form renders each adapter's credentialsSchema — so onboarding NinjaOne / Datto / ConnectWise lands the day the registry entry does, without UI churn.
Zabbix
Webhook + RESTWebhook intake for problem fire / clear. Optional REST backfill for historical context. Hostgroup → project routing per source.
Action1*
REST pollREST poll with OAuth2 client-credentials. 429 retry-after + token bucket. Failed policy runs auto-translate to alerts on the configured project.
Generic webhook
Field-mapTabular field-map editor — map inbound JSON paths to Resolvd ticket fields with optional value_map lookups. Onboard anything without a code change.
Tame your alert firehose.
Admin → Alert sources → New → pick an adapter → write your rules. The dashboard widget lights up on first fire.
* The Action1 integration is an independent community project and is not affiliated with, endorsed by, sponsored by, or supported by Action1 Corporation. Action1 has not reviewed, tested, certified, or audited this integration for security, performance, or compliance purposes and is not responsible for its operation, availability, or use. “Action1” is a trademark of Action1 Corporation and is used solely to identify compatibility with the Action1 platform.