How to Check if a Specific Playbook Was Executed Successfully or Failed on a Specific Alert ?

ranjeet · ‎02-25-2025

I am currently working on automating incident response workflows and need some assistance regarding the execution status of playbooks on specific alerts.

Here is my requirement:

How can I check whether a specific playbook has been executed successfully or failed on a particular alert?
I would like to verify the full execution result of the playbook for a given alert.
Based on the outcome (success or failure) of the playbook execution, I would like to automatically add a comment to the alert, indicating the result.

Any help with this would be really appreciated!

Thank You!

akashj · ‎04-08-2025

hi @ranjeet ,
In order to solve this, we added more picklist values to the state Picklist.
Our automation starts with the state "automation started." After a playbook is successfully finished, we set the state to "automation completed." The final step won't be carried out and the alert state will be in automation started if the playbook fails.
Afterwards, we have a scheduling plan that looks for alerts that were created 15 minutes ago and that still is in automation started state with few other checks in place. If it finds any records, it updates the status to "automation failed," and you may add comments to the alert.

Regards,
Akash J

Akash J

ranjeet · ‎04-08-2025

Hi @akashj,
In the case of multiple playbooks, we want to track which ones executed successfully and which ones failed.

How to Check if a Specific Playbook Was Executed Successfully or Failed on a Specific Alert ?

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website