Webhook and Slack: Alertmanager Incident Router Template

Catch firing Alertmanager alerts on a Spojit webhook, summarize each one, and route it to the right Slack channel by severity.

What It Builds

This template starts with a Webhook trigger that your monitoring stack posts firing alerts to. An Agent-mode Connector node reads the raw alert payload and produces a short, human-readable summary, then a Condition node inspects the severity label and routes the message to the matching Slack channel. Critical pages land in your on-call channel while warnings go somewhere quieter, so the right people see the right noise.

The Prompt

Paste this into Miraxa and it builds the workflow, connecting the tools for you:

Build a workflow that triggers on a webhook where Alertmanager posts firing alerts. Summarize the alert payload into a short, readable message including the alert name, severity, and affected service. Then, if severity is critical, post the summary to the #incidents Slack channel; otherwise post it to the #alerts Slack channel.

Connectors Used

  • Webhook trigger - receives firing alerts posted by your monitoring stack.
  • Slack - posts the routed summary to a channel by severity.

Customize It

Change the channel names (#incidents, #alerts) to match your workspace, swap the routing label from severity to team or region, or adjust which fields the summary includes (add runbook_url or instance). You can also add a third channel by extending the Condition branches, all within this one prompt.

Tips

  • Enable HMAC signing on the Webhook trigger so only your monitoring stack can fire the workflow.
  • The summary step uses Agent mode so it adapts to varied payloads; switch to Direct mode if you want a fixed, no-AI Slack post.
  • Grant the Slack connection access to every channel you route to before going live.

Related

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.