# Graylog v4

[<mark style="color:blue;">Graylog v4</mark>](https://www.graylog.org/products/latestversion) is a leading centralized log management solution built to open standards for capturing, storing, and enabling real-time analysis of terabytes of machine data. They deliver a better user experience by making analysis ridiculously fast and efficient using a more cost-effective and flexible architecture.

Route detailed monitoring alerts from Graylog v4 to the right users in Squadcast.

### How to integrate Graylog v4 with Squadcast

### In Squadcast: Using Graylog v4 as an Alert Source

1. Navigate to **Services** -> **Service Overview** -> select or search for your Service. Expand the accordion -> In the Alert Sources section, click **Add**.

![](https://1574591692-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F8TaWz01jmUJl58p4ZVel%2Fuploads%2Fgit-blob-4fbd74e7ca0b30173c47a1d58ed6a0804a0465aa%2FAlert_Sources.png?alt=media\&token=aaca6610-9d18-4dd4-9cf5-320042f326f1)

2\. Select **Graylog v4**. Copy the displayed **Webhook URL** to [configure](#in-graylog-v4-add-a-webhook-for-squadcast) it within **Graylog v4.** Finish by clicking **Add Alert Source** -> **Done**.

![](https://1574591692-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F8TaWz01jmUJl58p4ZVel%2Fuploads%2Fgit-blob-8c2a54e1ca8446300a2931c61e9cd7af4718a105%2FGraylog%20v4.png?alt=media\&token=f41ce851-23d8-43c4-803c-0281bfb57775)

{% hint style="warning" %}
**Important:**

When an alert source turns Active, it’ll show up under Configured Alert Sources, you can either generate a test alert from the integration or wait for a real-time alert to be generated by the Alert Source. An Alert Source is active if there is a recorded incident via that Alert Source for the Service.
{% endhint %}

### In Graylog v4: Add a Webhook for Squadcast

**(1)** After logging in, select **Alerts** from the navigation bar on the top

![](https://1574591692-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F8TaWz01jmUJl58p4ZVel%2Fuploads%2Fgit-blob-b3078ba3c6c912ccc3b4fadd0c0c0cb8048c51a1%2Fgraylog-v4-2.png?alt=media)

**(2)** Select **Notifications**

![](https://1574591692-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F8TaWz01jmUJl58p4ZVel%2Fuploads%2Fgit-blob-a8e839534294527b2356b339279d77e8823cbac0%2Fgraylog-v4-3.png?alt=media)

**(3)** If you do not have any existing Notifications set up, select **Get Started**. Else, select **Create Notification**

![](https://1574591692-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F8TaWz01jmUJl58p4ZVel%2Fuploads%2Fgit-blob-a83a60bc12d81a3e52a658d1981c15c0ae35dbaf%2Fgraylog-v4-4.png?alt=media\&token=b4f7759a-accf-4661-88dc-8dc20ed2e322)

**(4)** Fill in the details:

![](https://1574591692-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F8TaWz01jmUJl58p4ZVel%2Fuploads%2Fgit-blob-ff47675cfd0d5665c147b3a8917a078a413dcb2a%2Fgraylog-v4-5.png?alt=media)

(a) A meaningful **Title** (b) An optional **Description** (c) **Notification Type**: Select **HTTP Notification** (d) **URL**: Paste the copied Squadcast Webhook URL (e) Select **Add to URL Whitelist**. Here, click on **Add URL** and add: - A meaningful **Title** - **URL**: Paste `api.squadcast.com` - **Type**: `Regex` - **Save** the configuration

<figure><img src="https://1574591692-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F8TaWz01jmUJl58p4ZVel%2Fuploads%2Fgit-blob-c44fd22b8e079b52ee629b62957146a67ddd7ee4%2Fgraylog-v4-6.png?alt=media&#x26;token=f8817c81-f397-4676-b675-b71fc1f2bf5d" alt="" width="563"><figcaption></figcaption></figure>

(f) Now, click on **Execute Test Notification** to generate a test alert and trigger a test incident in Squadcast

(g) **Save** the configuration

**(5)** Within **Alerts**, head over to **Event Definitions**. If there are no existing Event Definitions, you can create one or pick an existing Event Definition

![](https://1574591692-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F8TaWz01jmUJl58p4ZVel%2Fuploads%2Fgit-blob-eac87fd9b7ef55bac6dd8306605429d150da7dad%2Fgraylog-v4-7.png?alt=media)

**(6)** Navigate to **Notifications** in the set-up flow and select **Add Notification** and select the *Squadcast notification* added previously and **Save** the entire configuration in the end

![](https://1574591692-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F8TaWz01jmUJl58p4ZVel%2Fuploads%2Fgit-blob-76433c3d7d6367cb29e232bbc14808ae109537c8%2Fgraylog-v4-8.png?alt=media\&token=2522ecf8-e207-47d9-b4c7-59c50ffb4e1b)

That is it, you are now good to go! Whenever an alert is triggered in Graylog v4, an incident will be created automatically in Squadcast.

{% hint style="info" %}
**FAQ:**

Q: If an alert gets resolved in Graylog v4, does Graylog v4 send auto-resolve signals to Squadcast?

A: No, Graylog v4 does not send any auto-resolve signals to Squadcast. Incidents for alerts from Graylog v4 need to be manually resolved in Squadcast.
{% endhint %}

*Have any questions?* [*Ask the community*](https://community.squadcast.com/view/home)*.*