Monitoring without action management is monitoring for monitoring’s sake. Thousands of alerts a day, half of which are ignored, a quarter of which result in manual ticket creation and the rest are lost in the noise – this is the reality of many IT departments that have implemented monitoring without thoughtful integration with ITSM processes. Checkmk solves this problem through native integrations with popular ticketing and ITSM systems, closing the loop between problem detection and resolution.
Table of contents
- Why is monitoring without ITSM incomplete?
- How does Checkmk integrate with ticketing systems?
- Integration with ServiceNow
- Integration with Jira Service Management
- Integration with other ITSM systems
- Alert management and noise reduction
- Key findings
- FAQ
- Summary
Why is monitoring without ITSM incomplete?
Monitoring detects problems – but it is ITSM that manages the solution. Without integration between these systems, the “valley of death” occurs: an alert is generated in the monitoring system, someone sees it (or not), manually creates a ticket, assigns it to the right person, completes the description…. and only then does the actual work on the problem begin. The time from detection to the first corrective action (MTTA – Mean Time To Acknowledge) is much longer than it should be.
The other side of the problem is the lack of closing the loop: the ticket is resolved, but the monitoring system doesn’t know when or by whom. There is a lack of data for MTTR (Mean Time To Resolve) analysis, a lack of information on incident recurrence, and a lack of context for postmortem.
Checkmk with ITSM integration closes this loop – from automatically creating a ticket when a problem is detected, to updating its status, to automatically closing when monitoring confirms a solution.
How does Checkmk integrate with ticketing systems?
Checkmk offers two mechanisms for integrating with external systems. Notification Rules is a built-in mechanism configurable through the web interface – you define which alerts, for which hosts/services and under what circumstances to generate external actions. Event Console is an event correlation mechanism that can generate tickets based on event patterns rather than individual alerts.
The technical integration mechanisms are: notification scripts (Python/Shell), Checkmk’s REST API, webhooks and Event Rules. Checkmk provides ready-made notification scripts for the most popular ITSM systems – ServiceNow, Jira, PagerDuty, OpsGenie and others – which only require configuring connection parameters.
Integration with ServiceNow
Checkmk’s integration with ServiceNow is one of the most extensive among supported ITSM systems. The pre-built plugin available in Checkmk Exchange supports: automatic creation of incidents in ServiceNow when a CRIT or WARN alert is detected, automatic updating of an incident when the monitored state changes (e.g. from CRIT to WARN), automatic closing of an incident when Checkmk records a return to an OK state.
Attribute mapping is configurable – you can map Checkmk severities to ServiceNow incident categories, assign support groups based on host tags or service labels in Checkmk. Two-way synchronization also allows you to add notes to a ServiceNow incident directly from Checkmk.
Integration with Jira Service Management
For organizations using Jira Service Management (formerly Jira Service Desk), Checkmk offers integration via Jira’s REST API. Checkmk alerts create Issues in the selected Jira project with auto-filling fields: summary (hostname + service + status), description (full alert context from Checkmk), priority (mapped from Checkmk severity), labels (tags from Checkmk).
The configuration allows routing of tickets to different Jira projects depending on the source of the alert – for example, infrastructure alerts go to the Ops project, application alerts to the Dev project. Integration with monitoring software creates a cohesive incident management ecosystem.
Integration with other ITSM systems
In addition to ServiceNow and Jira, Checkmk supports integration with: PagerDuty (alert escalation and on-call management), OpsGenie (alternative alerting platform), Slack and Microsoft Teams (chat notifications with a link to the incident), email (with rich HTML formatting including alert context), VictorOps/Splunk On-Call, Zendesk and others via custom scripts.
Custom notification scripts allow integration with any system that supports HTTP APIs – giving unlimited flexibility for organizations with custom ITSM systems.
Alert management and noise reduction
Integration with ITSM is only as good as the quality of the alerts going into it. Checkmk offers noise reduction mechanisms that prevent ticketing systems from being flooded with false alerts and fluctuating alerts.
Flap Detection detects services “flashing” between states and withholds notifications until stabilization. Delay and Renotification allow you to define the minimum duration of a problem before a ticket is generated. Alert suppression during service windows prevents incidents from being generated during scheduled outages. Correlation in Event Console allows you to group multiple alerts related to a single event (e.g., a switch failure causing alerts to hundreds of hosts) into a single ticket.
Key findings
- Monitoring without integration with ITSM leaves a “valley of death” between detection and response to the problem.
- Checkmk offers native integrations with ServiceNow, Jira, PagerDuty and others through ready-made plugins and notification scripts.
- Two-way synchronization closes the loop: a ticket is automatically created, updated and closed based on monitoring states.
- Noise reduction mechanisms (flap detection, delay, correlation) prevent ITSM systems from being flooded with false tickets.
- The flexible notification script model allows integration with any system via HTTP API.
FAQ
Can Checkmk automatically close the ticket when the problem is resolved? Yes – with bi-directional integration (ServiceNow, Jira) Checkmk can automatically close or update a ticket when the monitored service returns to OK.
How does Checkmk handle duplicate tickets with recurring alerts? You can configure logic to check if there is already an open ticket for a given host/service before creating a new one. Ready-made scripts implementing this logic are available.
Can you have different ticketing rules for different environments? Yes – Notification Rules in Checkmk allow for very granular configuration of which alerts, for which hosts and at what times generate tickets and in which system.
How to implement Checkmk-ServiceNow integration without external consultants? Checkmk provides detailed documentation and a ready-made plugin. For more complex configurations (custom mappings, bidirectional synchronization), Ramsdata offers implementation support.
Summary
Integrating Checkmk with ITSM systems is a step that turns monitoring from an observation tool into part of the incident management process. Automatically creating, updating and closing tickets eliminates manual work for administrators and reduces MTTA to a minimum. Contact Ramsdata to learn how Checkmk can integrate with your organization’s ITSM systems.
