# Humio

[<mark style="color:blue;">Humio</mark>](https://www.humio.com/) is a modern log management tool with streaming observability and is built to ingest & retain streaming data as quickly as it arrives, regardless of volume.

Route detailed alerts from Humio to the right users in Squadcast.

### Using Humio as an Alert Source

1. Navigate to **Services** -> **Service Overview** -> select or search for your Service. Expand the accordion -> In the Alert Sources section, click **Add**.

![](https://1574591692-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F8TaWz01jmUJl58p4ZVel%2Fuploads%2Fgit-blob-4fbd74e7ca0b30173c47a1d58ed6a0804a0465aa%2FAlert_Sources.png?alt=media\&token=aaca6610-9d18-4dd4-9cf5-320042f326f1)

2\. Select **Humio**. Copy the displayed **Webhook URL** to [configure](#create-a-squadcast-webhook-alert-in-humio) it within **Humio.** Finish by clicking **Add Alert Source** -> **Done**.

![](https://1574591692-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F8TaWz01jmUJl58p4ZVel%2Fuploads%2Fgit-blob-c0d34f25459641c27b93b41ea2b7007d406a4c5c%2FHumio.png?alt=media)

{% hint style="warning" %}
**Important:**

When an alert source turns Active, it’ll show up under Configured Alert Sources, you can either generate a test alert from the integration or wait for a real-time alert to be generated by the Alert Source. An Alert Source is active if there is a recorded incident via that Alert Source for the Service.
{% endhint %}

### Create a Squadcast Webhook Alert in Humio

**(1)** Login to your Humio dashboard. Head over to the **Alerts** tab. Then under **Actions**, click on **+ New Action**

![](https://1574591692-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F8TaWz01jmUJl58p4ZVel%2Fuploads%2Fgit-blob-3a1d112dca85246bb96cd09e9539a35810a7a163%2Fhumio_2.png?alt=media)

**(2)** Select **Action Type** as **Webhook**. Put in the **Name**, select **Method** as **POST** and paste the previously copied Squadcast Webhook URL in the placeholder for **Endpoint URL**. Paste the payload mentioned below under the **Message Body Template** box and save it

```json
{
    "repository": "{repo_name}",
    "timestamp": "{triggered_timestamp}",
    "alert": {
    "name": "{name}",
    "description": "{description}",
    "query": {
        "queryString": "{query_string} ",
        "end": "{query_time_end}",
        "start": "{query_time_start}"
    },
    "notifierID": "{action_id}",
    "id": "{id}"
    },
    "warnings": "{warnings}",
    "numberOfEvents": {event_count},
    "url": "{url}"
}
```

![](https://1574591692-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F8TaWz01jmUJl58p4ZVel%2Fuploads%2Fgit-blob-2caa818d82a6a7db4c694f60988ae9b96f8a1284%2Fhumio_3.png?alt=media)

{% hint style="info" %}
**Note: Custom Defined Variables**

Users can define custom variables under the **Message Body Template** box :

**{ "custom" : { "key" : "value" , . . . , "key" : "value" } }**

Replace the **\[key]** & **\[value]** with proper values and add at the end of the variables mentioned in **Step 2**. This is how it might look like.

**Eg. :**

```json
{
    "repository": "{repo_name}",
    "timestamp": "{triggered_timestamp}",
    "alert": {
    "name": "{name}",
    "description": "{description}",
    "query": {
        "queryString": "{query_string} ",
        "end": "{query_time_end}",
        "start": "{query_time_start}"
    },
    "notifierID": "{action_id}",
    "id": "{id}"
    },
    "warnings": "{warnings}",
    "numberOfEvents": {event_count},
    "url": "{url}",
    "custom" : {
        "key1" : "value1",
        "key2" : "value2",
        "key3" : "value3"
    }
}
```

{% endhint %}

**(3)** Now, click on **Alerts** and then on **+ New Alert**. Put in the **Name**, check the **Alert enabled** checkbox and create your **Query** accordingly. Then under **Actions**, click on the **+** icon and add the previously created action. Then click on **Create alert**

![](https://1574591692-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F8TaWz01jmUJl58p4ZVel%2Fuploads%2Fgit-blob-4340c3dec13fb4921831a0669c73768d5009ebaa%2Fhumio_4.png?alt=media)

![](https://1574591692-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F8TaWz01jmUJl58p4ZVel%2Fuploads%2Fgit-blob-d8b5a40f504f67aa54a116d7cd8d80b9c5385fe2%2Fhumio_5.png?alt=media)

![](https://1574591692-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F8TaWz01jmUJl58p4ZVel%2Fuploads%2Fgit-blob-2fd6892161f6502a8bdd451828429c760e4ebc67%2Fhumio_6.png?alt=media)

That's it, you are good to go! Your Humio integration is now complete. Whenever Humio fires an alert, an incident will be created in Squadcast for it.

*Have any questions?* [*Ask the community*](https://community.squadcast.com/view/home)*.*