Graylog v4

Send alerts to Squadcast from Graylog v4

This document will help you integrate Graylog v4 with Squadcast.

Graylog v4 is a leading centralized log management solution built to open standards for capturing, storing, and enabling real-time analysis of terabytes of machine data. They deliver a better user experience by making analysis ridiculously fast and efficient using a more cost-effective and flexible architecture. Route detailed monitoring alerts from Graylog v4 to the right users in Squadcast.

How to integrate Graylog v4 with Squadcast

In Squadcast: Using Graylog v4 as an Alert Source

(1) From the navigation bar on the left, select Services. Pick the applicable Team from the Team-picker on the top. Next, click on Alert Sources for the applicable Service

(2) Search for Graylog v4 from the Alert Source drop-down and copy the Webhook URL

In Graylog v4: Add a Webhook for Squadcast

(1) After logging in, select Alerts from the navigation bar on the top

(2) Select Notifications

(3) If you do not have any existing Notifications set up, select Get Started. Else, select Create Notification

(4) Fill in the details:

(a) A meaningful Title (b) An optional Description (c) Notification Type: Select HTTP Notification (d) URL: Paste the copied Squadcast Webhook URL (e) Select Add to URL Whitelist. Here, click on Add URL and add: - A meaningful Title - URL: Paste - Type: Regex - Save the configuration

(f) Now, click on Execute Test Notification to generate a test alert and trigger a test incident in Squadcast

(g) Save the configuration

(5) Within Alerts, head over to Event Definitions. If there are no existing Event Definitions, you can create one or pick an existing Event Definition

(6) Navigate to Notifications in the set-up flow and select Add Notification and select the Squadcast notification added previously and Save the entire configuration in the end

That is it, you are now good to go! Whenever an alert is triggered in Graylog v4, an incident will be created automatically in Squadcast.