Gemfile

source 'https://rubygems.org'
gem 'gmail'
gem 'curb'

Gemfile.lock

GEM
  remote: https://rubygems.org/
  specs:
    curb (0.8.5)
    gmail (0.4.0)
      gmail_xoauth (>= 0.3.0)
      mail (>= 2.2.1)
      mime (>= 0.1)
    gmail_xoauth (0.4.1)
      oauth (>= 0.3.6)
    mail (2.5.4)
      mime-types (~> 1.16)
      treetop (~> 1.4.8)
    mime (0.3.0)
    mime-types (1.25.1)
    oauth (0.4.7)
    polyglot (0.3.4)
    treetop (1.4.15)
      polyglot
      polyglot (>= 0.3.1)

PLATFORMS
  ruby

DEPENDENCIES
  curb
  gmail

pd_gmail_cleared_integration.rb

#!/usr/bin/env ruby
require 'gmail'
require 'curb'
require 'json'

#credentials to login to PagerDuty and resolve incidents
subdomain="metrixmatrix"
api_token="CHANGE_THIS"
user_id_resolver = "[email protected]"
users_id = "PF03V7Y"

# Credentials to login to Gmail email address & a separate email address to check_from as the source for CLEARED emails
check_from_email="[email protected]"
username="[email protected]"
password="CHANGE_THIS"

# The part you may need to customize: it selects the unique part of your gmail-subject line that needs to be matched to identify the corresponding incident in PagerDuty
# In this example, it checks the gmail-subject line for two things - RESOLVED and also a multiple digit ID from the monitoring system
def match_test(subject,body)
  if subject.match('RECOVERY')
    puts "Searching for the monitoring ID within the email subject line."
    id_block = subject.match(/LAST #(\d+):/)
    id_block=id_block.to_s
    id_number = id_block.match(/(\d+)/)
  end
end

puts "Connecting to Gmail"
gmail=Gmail.new(username,password)

# Get CLEARED message Alert ID from Gmail
# Exits if there are no new CLEARED messages
# You need to enter the logic to identify these CLEARED messages and tag them through a Gmail filter, set up separately inside Gmail
puts ("Checking messages for CLEARED notificatons")
count="0"
count=gmail.label("cleared").count(:from => check_from_email)
if count == 0
  puts ("No CLEARED messages found. Exiting...")
  exit
else
  puts "Clear label email count is: #{count}"
end

puts ("Getting Alert ID Number.")
cleared_ids=Array.new
cleared_emails=gmail.label("cleared").emails(:from => check_from_email)
cleared_emails.each do |email|
  subject_line= email.subject
  email_body = email.multipart? ? (email.text_part ? email.text_part.body.decoded : nil) : email.body.decoded
  issue_id = match_test(subject_line,email_body)
  unless issue_id.nil?
    cleared_ids.push issue_id
  end
end
gmail.logout
puts "Monitoring system's CLEARED email notification ID's from your gmail inbox:"
puts cleared_ids

# Check PagerDuty for open incidents & resolve them
# Step 1: hit the PagerDuty API for all open PagerDuty incident numbers and save any numbers that match Gmail CLEARED ID's in alert-subject line
# Gets PagerDuty open incidents based on matching subject line ID in CLEARED notifications and saves their number (not ID) & subject line
incident_keys=Hash.new

your_site_trigger_number_subject="https://#{subdomain}.pagerduty.com/api/v1/incidents?fields=incident_number,status,incident_key&status=triggered,acknowledged"
c = Curl::Easy.http_post(your_site_trigger_number_subject) do |curl|
      curl.headers['Content-Type'] = 'application/json'
      curl.headers['Authorization'] = "Token token=#{api_token}"
      curl.encoding = ''
      curl.perform
  string = curl.body_str
  parsed = JSON.parse(string)

  #puts parsed
  parsed["incidents"].each do |line|
    number = line["incident_number"]
your_site_trigger_id_subject="https://#{subdomain}.pagerduty.com/api/v1/incidents/#{number}"
    c2 = Curl::Easy.http_post(your_site_trigger_id_subject) do |curl2|
      curl2.headers['Content-Type'] = 'application/json'
      curl2.headers['Authorization'] = "Token token=#{api_token}"
      curl2.encoding = ''
      curl2.perform

      string = curl2.body_str
      parsed = JSON.parse(string)

    end
    subject = parsed["id"]
    incident_keys[number] = subject
  end
end

puts "These incident ID's are open or unresolved in PagerDuty:"
puts incident_keys

# Check PagerDuty for open incidents & resolve them
# Step 2: hit the PagerDuty API and save each individual PagerDuty incident ID (needed to resolve)
# Gets your PagerDuty open incident ID's based off their incident number
nagios_pd_ids=Array.new
incident_keys.each_pair do |number, subject|
  #puts number
  your_site_trigger_id="https://#{subdomain}.pagerduty.com/api/v1/incidents/#{subject}/log_entries?include%5B%5D=channel"
  c = Curl::Easy.http_post(your_site_trigger_id) do |curl|
    curl.headers['Content-Type'] = 'application/json'
    curl.username = username
    curl.headers['Authorization'] = "Token token=#{api_token}"
    curl.perform

    string = curl.body_str
    parsed = JSON.parse(string)

    #puts parsed["log_entries"].last["channel"]["details"]["problem_id"]
    prblem_id = parsed["log_entries"].last["channel"]["details"]["problem_id"]
    unless prblem_id.nil?
      cleared_ids.each do |id|
        if prblem_id.match(id.to_s)
          puts "match: #{subject}"
          nagios_pd_ids.push subject
          #incident_keys[number] = subject
        end
      end
    end
  end
end

# Check PagerDuty for open incidents & resolve them
# Step 3: hit the PagerDuty API and resolve those open PagerDuty incident ID's also CLEARED in your monitoring system's emails
puts "These problem ids are open or unresolved in PagerDuty and have subject-line matches with the CLEARED's ID's:"
puts nagios_pd_ids
puts "Marking the above incident(s) as resolved!"

your_site_resolve="https://#{subdomain}.pagerduty.com/api/v1/incidents"
nagios_pd_ids.each do |key|
      put_data = '{"requester_id":"'+users_id+'","incidents":[{"id":"' + key + '","status":"resolved"}]}'
      puts put_data
  pd = Curl::Easy.http_put(your_site_resolve,put_data) do |curl|
      curl.headers['Content-Type'] = 'application/json'
      curl.headers['Authorization'] = "Token token=#{api_token}"
      curl.perform
  end
  puts pd.body_str
end