Evaluate viable candidates for incident paging
Open, MediumPublic
Actions

Assigned To

None

Authored By

	• lmata
	Jul 27 2022, 5:22 PM

Description

The SRE observability team wants to evaluate migrating from our current paging implementation. We have noted past issues with our paging implementation visible in T274663: Icinga meta monitoring recovery didn't resolve VO page and T264016: Host page did not auto-resolve in VO, minor problems with app sessions in T284215: Splunk oncall / victorops mobile app logout tracking, and run into a gap in functionality impacting our business on-call paging rotation T313603: Business hours oncall implementation delays pages to batphone by 5 minutes when there are no oncallers.

We also have collected feedback regarding the user experience of Splunk On-Call and have identified the following deficiencies:

Exporting the calendar to view roster/exceptions periodically is clunky as you cannot filter out rotations (batphone)
There is no way to get shift start/end notifications for users who do not use the mobile app
Shift start/end notifications are not configurable (i.e., would like to get notified on Friday for a shift that starts on Monday)
Exception scheduling is not intuitive (having comparable timezone views for folks in different locations would help to create overrides)
"Immediately proceed to next step if no one is on call in current step" escalation policy feature is missing, which has led to delayed after-hours pages (page is routed to no one until 5m timeout reached) as well as confusion if an alert had resolved within that delay window.
The system lacks an administrative audit trail (e.g. log of configuration changes)

The above situation presents an opportunity to re-assess past decisions, iterate, and propose a solution that more closely matches our current needs. In addition, one of the past factors leading to our current selection was the possibility of using VO to annotate and communicate during incidents. In retrospect. This functionality has not been leveraged or is deficient, prompting T313228: Deploy Dispatch for SRE incident workflow automation to address "in-incident" tooling and communication gaps.

Background:
The original V.O. requirements doc: https://docs.google.com/document/d/1FCbR_R7_itnLcJRJd05S2ZLBTS1lwoI9M2wjHiiGTE4/edit?usp=sharing
These items informed the matrix: https://docs.google.com/spreadsheets/d/1CLILuWaVY4tK6zz3ZXFJy5NO8fq5Nx8eYjwPky3EJnM/edit#gid=0

Todo:

document updated business case for incident paging
document requirements / gaps in current solution https://docs.google.com/document/d/1qa60IAreTgbOsafgAJMLJc2OAjb7i7VkosXVKIuGwzM/edit#heading=h.vyt1m0p2t0j6
evaluate tool from a user perspective (with a goal reduce current friction in the process)
define and document an implementation plan (technical, comms, timeline) if the evaluation is promising

Related Objects
Search...

Status	Assigned	Task
Open	None	T313958 Evaluate viable candidates for incident paging
Duplicate	None	T315327 Evaluate grafana incident for ir tooling
Resolved	herron	T335586 improve controls for on-call rotation management
Open	None	T350506 Explore Grafana OnCall for on-call schedule management and alert/page routing
Declined	None	T350508 Grafana OnCall: Production service setup

Event Timeline

• lmata created this task.Jul 27 2022, 5:22 PM

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJul 27 2022, 5:22 PM

• lmata renamed this task from evaluate Grafana OnCall as a viable replacement for Splunk On-Call (formerly VictorOps) for incident paging to Evaluate Grafana OnCall as a viable replacement for Splunk On-Call (formerly VictorOps) for incident paging.Jul 27 2022, 8:14 PM

• lmata triaged this task as Medium priority.

• lmata updated the task description. (Show Details)

CDanis subscribed.Jul 29 2022, 6:26 PM

• lmata moved this task from Inbox to Up next on the SRE Observability (FY2022/2023-Q1) board.Aug 3 2022, 2:55 PM

LSobanski subscribed.Aug 5 2022, 4:05 PM

herron updated the task description. (Show Details)Aug 11 2022, 3:49 PM

herron updated the task description. (Show Details)

Grafana also has announced this year Grafana Incident, which AIUI is presently available in beta via Grafana Cloud https://go2.grafana.com/incident-beta-interest.html

Since we'll be evaluating Grafana on-call here, and are also working to deploy incident management tooling, I think it'd be worth including an evaluation of Grafana Incident. At a minimum it would be helpful to understand if/when an open source release should be expected, as well as to what degree continuing our current approach of externally hosted escalation/incident tooling (VO, Statuspage) makes sense.

• lmata mentioned this in T315327: Evaluate grafana incident for ir tooling.Aug 16 2022, 3:01 PM

• lmata edited projects, added SRE Observability (FY2022/2023-Q2); removed SRE Observability (FY2022/2023-Q1).Oct 24 2022, 5:37 AM

• lmata edited projects, added Observability-Alerting; removed SRE Observability (FY2022/2023-Q2).Jan 12 2023, 6:52 PM

• lmata renamed this task from Evaluate Grafana OnCall as a viable replacement for Splunk On-Call (formerly VictorOps) for incident paging to Evaluate viable candidates for incident paging.Apr 13 2023, 2:16 AM

• lmata updated the task description. (Show Details)

JMeybohm subscribed.Apr 18 2023, 4:35 PM

herron added a subtask: T335586: improve controls for on-call rotation management.Apr 28 2023, 3:45 PM

herron mentioned this in T335586: improve controls for on-call rotation management.Apr 28 2023, 4:05 PM

• lmata removed • lmata as the assignee of this task.Nov 13 2023, 4:08 AM

• lmata added a subtask: T350506: Explore Grafana OnCall for on-call schedule management and alert/page routing.

• lmata moved this task from Inbox to Prioritized on the Observability-Alerting board.

herron closed subtask T335586: improve controls for on-call rotation management as Resolved.Jan 14 2025, 3:56 PM