Self Service Email Parser
Configure parsing rules for monitoring emails from a non-standard tool.
The BigPanda Email Parser is a customizable integration that receives emails from a source system and parses them into BigPanda events.
| Supported Versions | Type |
|---|---|
| Plain-text | Inbound Email |
Ideal for monitoring tools and systems that do not support REST API, the email parser extracts alert data such as status and properties right from the email's subject or body. The parser supports text and HTML content (with more advanced support for HTML Tables coming soon).
Alerts should be configured to send individually to the parser.
A unique email parser must be configured for each source that will be sending emails to BigPanda. Each email source can only send to one BigPanda email parser at a time.
For more information about the Self Service Email Parser, see the BigPanda University Open Integration Manager and Email Parser Course.
Install the Integration
Administrators can install the integration by following the on-screen instructions in BigPanda.
Extraction Rules
Default Rules
There are three pre-defined extraction rules. These rules can be customized, but cannot be deleted. Additional rules to extract additional properties can be configured.
Each rule can be configured to pull from the subject or body of the email.
Alert status:
This lookup rule searches in the subject or body for specific strings. If there is a match, the defined status will be populated. If not, the next rule will be run. If none of the rules match, the default value will be populated.
Default mapping rules:
| Email Status | BigPanda Status |
|---|---|
| “Has been resolved” “resolved” | ok |
| “Unknown problem” | warning |
| “High severity” | critical |
- If none of these are matched, the default status is ‘critical’
Primary Property Tag
- This tag will be marked as the primary property in BigPanda.
- For more information, take a look at the primary_property page in BigPanda's glossary.
Mail source
- Populated automatically from the “FROM” address and cannot be changed.
Secondary Property Tag (Optional)
- This tag will be marked as the secondary property in BigPanda.
- We recommend configuring secondary properties when possible to help connect critical/warning events to their corresponding 'ok' message.
- For more information, take a look at the secondary_property page in BigPanda's glossary.
Additional Properties
Custom tags can be extracted as defined during configuration. The following must be defined for each tag:
- Tag name - The custom tag must already exist in BigPanda. Tag names must meet the following requirements:
- Maximum length of 64 characters.
- Starts with a letter from a to z.
- Contains only lowercase letters (a-z), numbers (0-9), and some special characters, including underscores ( _ ) and hyphens ( - ) and cannot contain spaces.
- Source - Select either Subject or Body.
- Default Value - Set a string to function as the tag value if the extraction rule isn’t met.
- Extraction rule - The regex rule to extract the value from the email. The extraction rule cannot be empty for any configured tag.
The parser can handle emails up to 10 MB
Previewing Sample Alerts
Use the sample email pane to easily preview and configure extraction rules for the parser. Simply copy the text of a sample email on the left, and the system will generate a sample alert based on the email values and configured settings.
Authorized Sources
Populate this field with the list of email addresses that will be sending emails to this parser. The "*" character acts as a wildcard. For example, if you would like to include all addresses from a certain domain, you can use "*@bigpanda.io".
During configuration, BigPanda will automatically create a recipient address for the integration. As a standard, these email addresses use plus addressing (i.e. bpalerts+[email protected])
If your alerting system does not support plus addressing, contact BigPanda Support and request a product change.
Deactivate the Integration in BigPanda
If you want to stop sending data to BigPanda but don’t want to delete your integration, you can temporarily deactivate it.
To deactivate an integration:
- In BigPanda, navigate to the Integrations tab and select the desired integration from the list. This will open integration details on the right side of the window.
- At the top of the integration details, click the Active/Inactive toggle next to the application name to change the status of the integration.
Alert Resolution for Inactive Integrations
Any active alerts belonging to an inactive integration must be manually resolved or they will stay in the system until the auto-resolve window is reached.
Uninstall the Integration
Deleting an integration requires changes to both the integrated system and BigPanda. You must uninstall the integration on the integrated system and then delete the integration from BigPanda.
When replacing an existing integration with a new tool or system, we recommend configuring the new integration first to ensure no data is lost.
Stop Sending Data to BigPanda
On the integrated system, disable any settings that send data to BigPanda.
Halt emails completely, or remove BigPanda from the recipient list.
Manually resolve any open alerts sent from the integration to remove the associated incidents from your incident feed. These incidents will not automatically resolve without an ok status from the original sending integration.
Delete the Integration in BigPanda
- In BigPanda, navigate to the Integrations tab and select the desired integration from the list.
- In the integration details on the right of the page, click the trash icon, then confirm you want to delete the integration. The integration will then be removed immediately.
Alert Resolution for Deleted Integrations
All active alerts from the integration will be resolved after deletion.
️Data Removal
This procedure does not remove any data from the integrated system.
Version and release information
v1.4.0
- UI Configuration Enabled
v1.0.0
- Initial release 🎉
Updated 5 months ago