Kentik for Ansible Automation Platform now certified with Red Hat

Event-Driven Ansible offers a scalable and adaptable automation solution that integrates with monitoring tools from various software vendors. These tools oversee IT infrastructures, detecting events and automatically executing predefined changes or responses from a rulebook to address those events.

Kentik, a network observability leader, is essential for digital businesses, corporate IT and service providers. Network professionals depend on Kentik Observability Cloud for detailed insights and swift searches across network, cloud and internet performance, enhancing network health and security. Trusted by top companies like Box, IBM and Zoom, Kentik offers comprehensive observability to illuminate network operations. Learn more at kentik.com and follow on Twitter/X @kentikinc.

The Kentik Collection is now a Red Hat Ansible Certified Collection, and is available on Ansible automation hub. The collection contains an event source plugin from Kentik for Event-Driven Ansible to accept alert notification JSON. This works in conjunction with Event-Driven Ansible Rulebooks to allow users to automate changes to their environment.

Using JSON notifications

JSON notification channels facilitate the integration of Kentik with external monitoring systems, allowing events identified by Kentik, such as anomalies flagged by its alerting system, to activate third-party actions. These actions might encompass network adjustments, distributed denial of service (DDoS) attack countermeasures or alternative solutions. The JSON payload is posted to the specified webhook URL, where it can be parsed and processed for any desired purpose. For an example of the JSON payload that will be posted, see Sample Alert JSON.

If you prefer a predefined syntax for your notification channels, JSON could be a suitable choice over custom webhooks. It offers a fixed format for the notification payload, devoid of customization options, allowing users a consistent and specified payload structure.

Configuration steps:

Prerequisites

• A Kentik portal account
• Ansible Automation Platform with Event-Driven Ansible 

Writing the Event-Driven Ansible Rulebook

1.Install the kentik.ansible_eda collection (locally for development or within a decision environment for running rulebooks on Ansible). 

ansible-galaxy collection install kentik.ansible_eda

See using Ansible Content Collections for more details.

Instructions on how to build a custom decision environment for Event-Driven Ansible can be found here.

2. Develop a rulebook, designating the kentik_webhook from the kentik.ansible_eda Collection (kentik.ansible_eda.kentik_webhook) as the event source, and define the listen address and port:

 sources:
    - kentik.ansible_eda.kentik_webhook:
        host: 0.0.0.0
        port: 5000

3. In the rules section, configure the conditions and the required actions. The full Rulebook will look like this:

---

---
- name: Listen for alert notifications from Kentik
  hosts: all
  sources:
    - kentik.ansible_eda.kentik_webhook:
        host: 0.0.0.0
        port: 5000

  rules:
   - name: Web Application Down - Critical Error
     condition: event.payload.TestType == 'HTTP(S) or API' and event.payload.AlarmSeverity == 'critical'
     action:
       run_playbook:
         name: playbooks/example_playbook.yml
         

Configuring the Kentik JSON notification

The next step is to set up the JSON webhook notification in the Kentik platform. To configure the notification, navigate to Menu >> Settings >> Notifications. From there, click on the blue Add Notification Channel button to bring up the following dialog window:

You will need to give your notification channel a name. The URL will need to be the endpoint that your Event-Driven Ansible plugin is going to listen on. This URL will need to be publicly accessible. The end point needs to be in the format of:  

url:port/alert

NOTE: Notifications are tied to the thresholds on an alert which are beyond the scope of this blog. For more information on configuring an alert threshold, see the Kentik knowledgebase article Threshold Policy Settings.

See JSON notification settings for more details.

4. Run the ansible rulebook from the command line to test the integration:

ansible-rulebook -r -i inventory.yml -r kentik_rulebook.yml

And when ready, create a rulebook activation in Event Driven Ansible Controller using the instructions here.

Next steps

For more information see Kentik, Event-Driven Ansible and Ansible-Rulebook documentation. Or, join the Kentik Community on Slack.

Event-Driven Ansible at a glance

Leverage a robust, integrated platform

Utilize Event-Driven Ansible to enhance efficiency and deliver precise IT services. Select either manual or automatic automation styles for specific tasks using one comprehensive platform.

Foster innovation

Enable teams to focus on their most important and impactful work. Increase business value delivered by IT through various channels like applications, networks, cloud services and edge computing.

Enhance speed and efficiency

Apply Event-Driven Ansible flexibly across different requirements. Integrate multiple event sources and use YAML to craft conditional rules that execute actions as needed, including the ability to leverage existing playbooks or templates.

Offer flexible implementation

Apply Event-Driven Ansible flexibly across different requirements. Integrate multiple event sources and use YAML to craft conditional rules that execute actions as needed, including the ability to leverage existing playbooks or templates.

Streamline IT adaptability

Use a singular automation platform to standardize repetitive operations across networking, edge technology, infrastructure, DevOps, security and cloud environments.

Maintain consistency

Encode team expertise in Ansible Rulebooks facilitate consistent action every time. Reduce the likelihood of human errors commonly associated with repetitive tasks and fatigue, and tackle configuration discrepancies promptly.

Learn more about Event-Driven Ansible here.