Notes by Doctor Droid

How to create workflows in Doctor Droid PlayBooks

Jayesh Sadhwani's photo
Jayesh Sadhwani
·

3 min read

What are Workflows and how do they help automate preliminary investigations?

Cover Image for How to create workflows in Doctor Droid PlayBooks

Introduction to Workflows

Automating the investigation of your system using alerts is helpful for a number of reasons. It can help you take immediate response and minimise the downtime, ensure that the monitoring is consistent and accurate and ensure proactive issue resolution which helps in preventing incidents rather than just reacting to them. Playbooks help you with this using Workflows.

https://youtu.be/O6DIDvT0IZo?si=CVJE1YocWM5NSL-h

Components of a Workflow

Trigger

Trigger is an entry point into the workflow and defines when the investigation is to be done.

  1. We can choose to do it whenever a bot sends an alert into a slack channel and filter it for a certain string:

  2. We can choose to do it from an API call (we might want to run a playbook from our custom code or whenever our code encounters an error)

  3. We can even choose to do it or trigger it from a Pagerduty incident creation by adding in the service and the title

Playbook

Now that we have setup a trigger, the next step would be to select a playbook to run whenever we have a trigger.

We can either send the link to an execution of the playbook or execute the playbook and just send back the summary where ever required.

Scheduler

Now we have a trigger, and we know what playbook we want to run. The next step would be to determine when to run this playbook. That is where the scheduler comes in. We can chose to run it

  1. Just once

  2. On a certain CRON interval

  3. Simple interval(using seconds)

We can chose to keep something alive, or never ending if we just keep the stop after duration blank.

Notifications or Actions

The last component of workflows is notifications or actions. Notifications basically specify where we want to send the act where we want to send the message to. These tell us essentially what action to take when executing a certain workflow.

  1. We can send the result to the alert in the thread that was triggering the workflow

  2. We can send it via slack message in a specific channel

  3. We can send it into MS teams

  4. We can send it as an Email

  5. If we select the Pagerduty trigger we can even send it as a note to Pagerduty

Testing out a workflow

To test the workflow we just created, we can just click on the Test Run button which would simulate the trigger or the alert and give us a result in the action of our choice.

We can see this actually does execute the workflow and gives us a reply to an alert

This is how we are able to use workflows in Doctor Droid PlayBooks to enrich an alert.

If you're interested to try out PlayBooks, sign up here or clone our repo from Github.