You are looking at preliminary documentation for a future release. Not what you want? See the current release documentation.
Elastic Docs Elastic Observability [master] Cases
« Open and manage new cases CI/CD observability »

Configure external connectorsedit

If you are using an external incident management system, you can integrate Elastic Observability cases with that system using connectors. These third-party systems are supported:

  • ServiceNow ITSM
  • ServiceNow SecOps
  • Jira (including Jira Service Desk)
  • IBM Resilient
  • Swimlane
  • Webhook - Case Management

To send cases to external systems, you need the appropriate license, and your role must have the Cases Kibana privilege as a user. For more details, refer to Configure access to cases.

You need to create a connector to send cases, which stores the information required to interact with an external system.

After creating a connector, you can set your cases to automatically close when they are sent to an external system.

Create a connectoredit

  1. Go to CasesSettings.

    View case settings
  2. From the Incident management system list, select Add new connector.
  3. Select the system to send cases to: ServiceNow, Jira, IBM Resilient, Swimlane, or Webhook - Case Management.
  4. Enter your required settings. For connector configuration details, refer to IBM Resilient connector, Jira connector, ServiceNow ITSM connector, ServiceNow SecOps connector, Swimlane connector, or Webhook - Case Management connector.
  5. Click Save.

Edit a connectoredit

You can create additional connectors, update existing connectors, and change the connector used to send cases to external systems.

You can also configure which connector is used for each case individually. See Open a new case.

To change the default connector used to send cases to external systems:

  1. Go to CasesSettings.
  2. Select the required connector from the Incident management system list.

To update an existing connector:

  1. Click Update <connector name>.
  2. Update the connector fields as required.

Sending and closing casesedit

To send a case to an external system, click the Push as <connector name> incident button from the individual case page. This information is not sent automatically. If you make further changes to the shared case fields, you should push the case again.

If you close cases in your external incident management system, the cases will remain open in Elastic Observability until you close them manually.

To close cases when they are sent to an external system, select Automatically close cases when pushing new incident to external system when adding a connector to a case.

« Open and manage new cases CI/CD observability »