Humio

Send alerts to Squadcast from Humio

Humio is a modern log management tool with streaming observability and is built to ingest & retain streaming data as quickly as it arrives, regardless of volume.

Route detailed alerts from Humio to the right users in Squadcast.

Using Humio as an Alert Source

1. Navigate to Services -> Service Overview -> select or search for your Service. Expand the accordion -> In the Alert Sources section, click Add.

2. Select Humio. Copy the displayed Webhook URL to configure it within Humio. Finish by clicking Add Alert Source -> Done.

Important:

When an alert source turns Active, it’ll show up under Configured Alert Sources. You can either generate a test alert from the integration or wait for a real-time alert to be generated by the Alert Source. An Alert Source is active if there is a recorded incident via that Alert Source for the Service.

Create a Squadcast Webhook Alert in Humio

(1) Log in to your Humio dashboard. Head over to the Alerts tab. Then, under Actions, click on + New Action.

(2) Select Action Type as Webhook. Put in the Name, select Method as POST and paste the previously copied Squadcast Webhook URL in the placeholder for Endpoint URL. Paste the payload mentioned below under the Message Body Template box and save it.

{
    "repository": "{repo_name}",
    "timestamp": "{triggered_timestamp}",
    "alert": {
        "name": "{name}",
        "description": "{description}",
        "query": {
            "queryString": "{query_string} ",
            "end": "{query_time_end}",
            "start": "{query_time_start}"
        },
        "notifierID": "{action_id}",
        "id": "{id}"
    },
    "warnings": "{warnings}",
    "numberOfEvents": {event_count},
    "url": "{url}"
}

Note: Custom Defined Variables

Users can define custom variables under the Message Body Template box:

{ "custom" : { "key" : "value" , . . . , "key" : "value" } }

Replace each key and value with proper values and add the custom object at the end of the variables mentioned in Step 2. This is how it might look.

E.g.:

{
    "repository": "{repo_name}",
    "timestamp": "{triggered_timestamp}",
    "alert": {
        "name": "{name}",
        "description": "{description}",
        "query": {
            "queryString": "{query_string} ",
            "end": "{query_time_end}",
            "start": "{query_time_start}"
        },
        "notifierID": "{action_id}",
        "id": "{id}"
    },
    "warnings": "{warnings}",
    "numberOfEvents": {event_count},
    "url": "{url}",
    "custom": {
        "key1": "value1",
        "key2": "value2",
        "key3": "value3"
    }
}

(3) Now, click on Alerts and then on + New Alert. Put in the Name, check the Alert enabled checkbox and create your Query accordingly. Then, under Actions, click on the + icon and add the previously created action. Then click on Create alert.

That's it, you are good to go! Your Humio integration is now complete. Whenever Humio fires an alert, an incident will be created in Squadcast for it.
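A quick way to check an edited Message Body Template before pasting it into Humio, as an added example that is not part of the Squadcast or Humio documentation: it appends a custom object to the Step 2 template and confirms the result still renders to valid JSON. The function names and sample values are constructed for illustration, and the rendering assumes plain textual substitution of each {placeholder}.

```python
import json
import re

# Message Body Template from Step 2, copied from this page.
BASE_TEMPLATE = """{
    "repository": "{repo_name}",
    "timestamp": "{triggered_timestamp}",
    "alert": {
        "name": "{name}",
        "description": "{description}",
        "query": {
            "queryString": "{query_string} ",
            "end": "{query_time_end}",
            "start": "{query_time_start}"
        },
        "notifierID": "{action_id}",
        "id": "{id}"
    },
    "warnings": "{warnings}",
    "numberOfEvents": {event_count},
    "url": "{url}"
}"""

PLACEHOLDER = re.compile(r"\{([a-z_]+)\}")

def add_custom(template, custom):
    """Append a "custom" object as the last top-level key of the template."""
    body = template.rstrip()
    if not body.endswith("}"):
        raise ValueError("template must end with a closing brace")
    block = json.dumps({"custom": custom}, indent=4)[1:-1].strip()
    return body[:-1].rstrip() + ",\n    " + block + "\n}"

def render(template):
    """Fill placeholders with constructed values (assumed plain substitution)."""
    def fill(m):
        # {event_count} is unquoted in the template, so it must become a number.
        return "3" if m.group(1) == "event_count" else "sample-" + m.group(1)
    return PLACEHOLDER.sub(fill, template)

def validate(template):
    """Return the parsed payload; raise ValueError if it is not valid JSON."""
    try:
        return json.loads(render(template))
    except json.JSONDecodeError as exc:
        raise ValueError(f"template does not render to valid JSON: {exc}") from exc

if __name__ == "__main__":
    merged = add_custom(BASE_TEMPLATE, {"key1": "value1", "key2": "value2"})
    print(json.dumps(validate(merged), indent=4))
```

The raw template is not itself valid JSON because `{event_count}` is unquoted, which is why the check renders placeholders before parsing.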
