Logz.io

Effortlessly configure Logz.io integration for incident management with Squadcast - A comprehensive guide on setting up and optimizing Logz.io for efficient incident response.

Logz.io allows engineers to look into their stack with powerful log, metric and tracing analytics based on the cloud-native tools they use.

Route detailed monitoring alerts from Logz.io to the right users in Squadcast.

How to integrate Logz.io with Squadcast

In Squadcast: Using Logz.io as an Alert Source

Navigate to Services -> Service Overview -> select or search for your Service. Expand the accordion -> In the Alert Sources section, click Add.

2. Select Logz.io. Copy the displayed Webhook URL to configure it within Logz.io. Finish by clicking Add Alert Source -> Done.

Important:

When an alert source turns Active, it’ll show up under Configured Alert Sources, you can either generate a test alert from the integration or wait for a real-time alert to be generated by the Alert Source. An Alert Source is active if there is a recorded incident via that Alert Source for the Service.

In Logz.io: Create a Squadcast webhook alert

(1) In the app, go to Alerts & Events > Notification endpoints to create the webhook

(2) Click on Add endpoint

(3) Fill in the form as shown below:

Type: Custom
Name: Squadcast Webhook
Description (optional)
URL: Paste the URL endpoint that was copied from Squadcast Service for Logz.io
Method: POST
Run the test to see if you received a test alert in Squadcast
Click on Save

Find more details on how each of these parameters can be configured here

{
    "alert_title": "{{alert_title}}",
    "alert_description": "{{alert_description}}",
    "alert_severity": "{{alert_severity}}",
    "account_id": "{{account_id}}",
    "account_name": "{{account_name}}",
    "alert_samples": "{{alert_samples}}",
    "alert_tags_json": "[{{alert_tags_json}}]"
}

(4) Next, to create the alert itself, you can either:

Go to Alerts & Events > New Alert or,
Click on Create Alert from the Kibana dashboard

Find more details on how each of these parameters can be configured here

(5) Give the alert a title

Now, you will have to fill out the 3 sections:

(a) Search for... section:

Either enter your Search query or verify that the query present is correct
Choose to Group By certain fields
Select Accounts to Search
Choose to repeat this (by adding another query), join the queries, etc.

(5) (b) Trigger if... section:

Add Trigger conditions for the alert and add one or more thresholds for the trigger

(5) (c) Notify section:

Add a Description for the alert (which will be visible for these incidents in Squadcast)
Associate Tags (if any)
Who to send it to -> choose Squadcast Webhook
Choose a wait time between notifications as needed
Output format -> choose JSON
You can choose to either send all log fields or custom fields

(6) Click on Save

That is it, you are now good to go! Whenever a log alert is triggered in Logz.io, an incident will be created automatically in Squadcast.

FAQ:

Q: If an alert gets resolved in Logz.io, does Logz.io send auto-resolve signals to Squadcast?

A: No, Logz.io does not send auto-resolve signals to Squadcast. Hence, Squadcast incidents from Logz.io should be resolved manually.

Have any questions? Ask the community.

PreviousLogstash NextManageEngine Application Manager

Last updated 10 months ago