diff --git a/examples/workflows/ilert-incident-upon-alert.yaml b/examples/workflows/ilert-incident-upon-alert.yaml
new file mode 100644
index 000000000..09ba1dea0
--- /dev/null
+++ b/examples/workflows/ilert-incident-upon-alert.yaml
@@ -0,0 +1,23 @@
+id: aad72d69-92b9-4e21-8f67-97d2a69bf8ac
+description: Create ILert incident upon Keep Alert
+triggers:
+- filters:
+  - key: source
+    value: keep
+  type: alert
+owners: []
+services: []
+steps: []
+actions:
+- name: ilert-action
+  provider:
+    config: '{{ providers.ilert-default }}'
+    type: ilert
+    with:
+      affectedServices:
+      - impact: OPERATIONAL
+        service:
+          id: 339743
+      message: A mock incident created with Keep!
+      status: INVESTIGATING
+      summary: Keep Incident {{ alert.name }}
diff --git a/keep/providers/ilert_provider/ilert_provider.py b/keep/providers/ilert_provider/ilert_provider.py
index 5f402b9fd..787ef9597 100644
--- a/keep/providers/ilert_provider/ilert_provider.py
+++ b/keep/providers/ilert_provider/ilert_provider.py
@@ -132,12 +132,12 @@ def validate_scopes(self):
         self.logger.info("Scopes validated", extra=scopes)
         return scopes
 
-    def _query(
+    def _notify(
         self,
         summary: str,
         status: IlertIncidentStatus = IlertIncidentStatus.INVESTIGATING,
         message: str = "",
-        affectedServices: str = "[]",
+        affectedServices: str | list = "[]",
         id: str = "0",
         **kwargs: dict,
     ):