Skip to main content

External Beat Triggers Release Notes

External Beat Triggers add a generic external-events inbox for turning provider alerts into Beat state transitions.

What Is New

  • Page admins can create page-scoped ingest endpoints with one-time ingest tokens.
  • Upstream systems can POST arbitrary JSON to /api/v1/external-events/ingest/{token}.
  • The admin UI shows a historical inbox with redacted payload previews and evaluation explanations.
  • Admins can click payload fields to create trigger conditions.
  • Preview/backtesting evaluates draft rules against older inbox events without mutating Beat state.
  • External-event Beats can receive event-driven warning, critical, and recovery updates.
  • Beat Groups can own the customer-facing automation for grouped external-event Beats.
  • Slack review prompts now include ingest endpoint, matched trigger, fingerprint, and redacted evidence.
  • Assistant and Hosted MCP summaries include external-trigger context and review links.
  • Terraform export and the provider include ingest endpoint metadata, external-event Beats, and External Beat Trigger rules.

Safe Defaults

New External Beat Triggers should start in draft/review mode:

  • draft defaults to true
  • enabled defaults to false in Terraform
  • generated trigger setup uses public_post_mode = "draft_only"
  • existing ingest tokens are not exported
  • preview does not create Beat events, public actions, incidents, notifications, Slack messages, or public posts

Admins should only enable auto-posting after a trigger has been previewed against historical events and observed through at least one real firing and recovery.

Admin Guidance

Before enabling a trigger:

  1. confirm the ingest endpoint is scoped to the right page
  2. verify that the payload field used for identity is stable
  3. use a fingerprint shared by firing and recovery messages
  4. check preview warnings for broad matching, missing recovery, duplicate suppression, flapping, and auto-post risk
  5. attach the trigger to the intended Beat or Beat Group
  6. keep Slack review prompts on until the rule has proven stable

For GCP Cloud Monitoring, start with the sample firing and recovery payloads in External Beat Triggers, then adjust paths to the fields actually present in your alert policy.