Overview
The Rootly Edge Connector is a lightweight agent that enables secure, bidirectional integration between Rootly and internal or on-premises systems that cannot accept inbound internet connections. It uses an outbound-only polling model to listen for events from Rootly and execute local actions in response.Edge Connectors are ideal for organizations with strict security requirements where opening inbound firewall ports is not permitted or desirable.
Key Benefits
- Enhanced Security: No inbound firewall rules required - only outbound HTTPS connections
- Flexibility: Execute any script or automation in response to Rootly events
- Auditability: Full Git-based configuration and comprehensive execution logs
- Reliability: Event queueing with retry logic ensures no missed actions
- Seamless Integration: Bridge cloud-based Rootly with on-premises systems
How It Works
Communication Flow
- Polling: The Edge Connector polls Rootly’s API at regular intervals for new events
- Event Processing: When events are received, the connector maps them to configured actions
- Execution: Whitelisted scripts are executed with event context as parameters
- Reporting: Results and logs are sent back to Rootly for visibility and audit
Security Model
Why Outbound-Only is More Secure
Traditional Webhook Approach (Inbound):- Requires exposing an endpoint to the internet
- Must configure and maintain TLS termination
- Attack surface for scanning, probing, and DDoS
- Firewall changes and security reviews required
- Only outbound HTTPS (same as normal web browsing)
- No exposed endpoints for attackers to discover
- No firewall changes needed
- Cannot be directly targeted from the internet
Additional Security Features
- API Key Scoping: Create Edge Connector-specific API keys with minimal permissions
- Script Whitelisting: Only approved, version-controlled scripts can execute
- Team-based Authorization: Map Rootly teams to allowed local actions
- Audit Trail: Every action logged with full context (who, what, when)
- Network Isolation: Run the connector on a dedicated, isolated host
Getting Started
Prerequisites
- Rootly team with Edge Connector feature enabled
- Ability to run a service in your internal network
- API key with Edge Connector permissions
Request Access
Edge Connector is an enterprise feature that requires enablement by Rootly administrators.
- Navigate to Settings → Edge Connectors in Rootly
- Click Request Access
- Your team administrators will be notified
- Contact [email protected] for feature enablement
Setup Overview
-
Create an Edge Connector in Rootly
- Navigate to Settings → Edge Connectors
- Click “Create Edge Connector”
- Configure name and event subscriptions
- Generate an API key
-
Install the Edge Connector Agent
- See the Installation & Deployment guide for detailed setup instructions
-
Configure Actions
- See the Action Configuration guide to define your automations
-
Monitor and Maintain
- View connector status in Rootly dashboard
- Review execution logs
- Update scripts as needed
Quick Links:
- Installation & Deployment - Install and run the Edge Connector
- Action Configuration - Define script and HTTP actions
- Template Syntax - Use dynamic values in actions
- Event Examples - See example event payloads
Action Types
Edge Connector actions fall into two categories:Automatic Actions
These run automatically in response to system events, without user interaction. Configured in theon: section of actions.yml.
Examples: Auto-restart services when alerts fire, send notifications when incidents are created, collect diagnostics automatically.
Callable Actions
These are triggered manually by users from the Rootly UI with interactive buttons and forms. Configured in thecallable: section of actions.yml.
Examples: Manual service restart, deploy hotfix, scale infrastructure, clear cache on demand.
For a detailed comparison including UI behavior, registration process, and configuration differences, see the Action Configuration Guide.
Supported Event Types
Edge Connectors support two categories of events:Automatic Event Types
These events are triggered automatically by system events and can be subscribed to when configuring your Edge Connector: Alert Events:alert.created- New alert from monitoring systemalert.updated- Alert properties changedalert.acknowledged- Alert acknowledged by a useralert.resolved- Alert marked as resolvedalert.deleted- Alert removed
incident.created- New incident startedincident.updated- Incident properties changedincident.in_triage- Incident moved to triage statusincident.mitigated- Incident mitigatedincident.resolved- Incident marked resolvedincident.cancelled- Incident cancelledincident.deleted- Incident deleted
Manual Trigger Event Types
These events are triggered by user actions and are configured per action:action.triggered- Standalone action triggered by a useralert.action_triggered- Action triggered from an alert contextincident.action_triggered- Action triggered from an incident context
You can configure which automatic events your Edge Connector subscribes to when creating or editing it in the Rootly UI. Manual trigger events are configured in your action definitions. For detailed payload examples and templating patterns, see the Event Examples page.
Use Cases
Automated Remediation
Automatically restart services or run diagnostic scripts when critical alerts are detected. Perfect for known issues that have established remediation procedures.Internal System Integration
Create tickets in internal ITSM systems that aren’t accessible from the internet. Bridge Rootly with on-premises Jira, ServiceNow, or custom ticketing systems.Hybrid Cloud Orchestration
Run Ansible playbooks or other automation tools in response to incident lifecycle events. Trigger infrastructure changes, scaling operations, or deployment rollbacks.Diagnostic Collection
Automatically collect logs, metrics, and diagnostics when incidents occur. Gather context automatically to speed up incident investigation.See the Action Configuration guide for detailed examples of these use cases with complete action definitions.
Managing Edge Connectors
Viewing Connector Status
In the Rootly dashboard, you can monitor:- Online Status: Whether the connector is actively polling
- Last Poll Time: When the connector last checked for events
- Events Pending: Number of events waiting to be processed
- Recent Executions: Logs of recently executed actions
API Key Management
Each Edge Connector requires an API key:- Navigate to Settings → API Keys
- Create a new key with type Edge Connector
- Associate it with your Edge Connector
- Store the key securely on your connector host
Documentation
- Installation & Deployment - Install and configure the Edge Connector in your environment
- Action Configuration - Define script and HTTP actions to automate responses
- Template Syntax - Use Liquid templates for dynamic values in actions
- Event Examples - Reference for event payload structures and fields
Best Practices
Security:- Run the Edge Connector on a dedicated, isolated host
- Store secrets in environment variables, never in configuration files
- Version control all scripts and review through pull requests
- Rotate API keys periodically
- Configure appropriate polling intervals (typically 10-30 seconds)
- Set reasonable script timeouts based on expected execution time
- Implement retry logic in your scripts for transient failures
- Monitor connector health and set up downtime alerts
- Use descriptive names for connectors and actions
- Document script requirements and dependencies
- Test actions thoroughly before production deployment
- Keep the connector software updated