What does the integration offer?
Use Compass's Alert Logic Integration to forward Alert Logic alerts to Compass. Compass determines the right people to notify based on on-call schedules, notifies them via email, text messages (SMS), phone calls, and iOS & Android push notifications, and escalates alerts until the alert is acknowledged or closed.
How does the integration work?
When an alert is created in Alert Logic, an alert is created in Compass.
Set up the integration
Alert Logic is an API-based integration. Setting it up involves the following steps:
Add an Alert Logic integration in Compass
Configure the integration in Alert Logic
Add an Alert Logic integration
Bidirectional integrations aren’t supported in the Standard plan. All the other integrations are supported at a team level in Standard; however, for their outgoing part to work, you need to upgrade to a higher plan.
If you're using the Standard plan in Compass, you can add this integration only from your team’s operations page. Adding an integration from your team’s operations page makes your team the owner of the integration. This means Compass only assigns the alerts received through this integration to your team.
To add an Alert Logic integration in Compass, complete the following steps:
Go to your team’s operations page.
On the left navigation panel, select Integrations and then Add integration.
Run a search and select “Alert Logic”.
On the next screen, enter a name for the integration.
Optional: Select a team in Assignee team if you want a specific team to receive alerts from the integration.
Select Continue.
The integration is saved at this point.
Expand the Steps to configure the integration section and copy the webhook URL.
You will use this webhook URL while configuring the integration in Alert Logic later.
Select Turn on integration.
The rules you create for the integration will work only if you turn on the integration.
Configure the integration in Alert Logic
To configure the integration of Alert Logic with Compass, complete the following steps:
In Alert Logic, go to Management > Notifications > Webhooks.
Select +Add New.
Enter a name and title for the webhook.
Paste the webhook URL copied previously from Compass into URL.
Select Save.
Navigate to Management > Notifications > Policies.
Either edit or create a new policy.
Paste the webhook URL previously copied from Compass into Alert Recipients.
Select Save.
Sample payload sent from Alert Logic
Create Alert payload (in JSON format)
{
  "aggregated_alerts_count": 0,
  "additional_content": [],
  "alert_definition_type_id": "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
  "customer_id": 111111,
  "data": {
    "message": "Alert Date : 2016-01-15 21:53:09 GMT\nCustomer Name : Your-customer-name\n\nAlert Type : log\nAlert Name : Log Correlation Alert Test - Your-customer-name\nMessage Type : Unix DHCP IP Assigned\n\nLogEvent link:\nhttps://invision.alertlogic.net/log_message.php?id= XXXXXXXXXXXXX",
    "alert_rule_id": 1111,
    "source": "correlation_alert_rules"
  },
  "description": "Your-customer-name LogEvent: Log Correlation Alert - Your-customer-name",
  "id": "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
  "product": {
    "name": "Log Manager"
  },
  "severity": "warning",
  "state": "created",
  "tags": ["example_tag", "example_tag2"],
  "timestamp": 1452894789,
  "type": "correlation",
  "deleted": false,
  "notifications": [
    {
      "id": "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
      "timestamp": 1452894789,
      "alert_id": "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
      "status": "pending",
      "updated": 1452894789,
      "policy_id": "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
      "target_id": "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
      "target_cid": 111111,
      "target_label": "testing",
      "target_channel": "webhook",
      "target_target": "http://your-web-hook-url/",
      "target_contact_id": null
    }
  ]
}
Compass parses the payload as follows:
{
  "aggregatedAlertCount": 0,
  "description": "Alert Date : 2016-01-15 21:53:09 GMT\nCustomer Name : Your-customer-name\n\nAlert Type : log\nAlert Name : Log Correlation Alert Test - Your-customer-name\nMessage Type : Unix DHCP IP Assigned\n\nLogEvent link:\nhttps://invision.alertlogic.net/log_message.php?id= XXXXXXXXXXXXX",
  "message": "Your-customer-name LogEvent: Log Correlation Alert - Your-customer-name",
  "productName": "Log Manager",
  "severity": "warning",
  "source": "correlation_alert_rules",
  "state": "created",
  "type": "correlation",
  "tags": ["example_tag", "example_tag2"]
}
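The field mapping implied by the two samples above, as an added example (not Compass's or Alert Logic's own code): it maps a raw webhook body to the parsed fields and reports any field that is missing or of an unexpected type. The names FIELD_MAP, EXPECTED, dig and parse_alert are hypothetical, and the expected types are an assumption inferred from the sample values.

```python
import json

# Parsed field -> path in the Alert Logic payload, read off the two samples on this page.
FIELD_MAP = {
    "aggregatedAlertCount": ("aggregated_alerts_count",),
    "description": ("data", "message"), "message": ("description",),
    "productName": ("product", "name"), "source": ("data", "source"),
    "severity": ("severity",), "state": ("state",), "type": ("type",),
    "tags": ("tags",),
}
# Assumption: types inferred from the sample values; every other field is a string.
EXPECTED = {"aggregatedAlertCount": int, "tags": list}


def dig(obj, path):
    """Walk nested dicts; return None if any step is missing or not a dict."""
    for key in path:
        if not isinstance(obj, dict) or key not in obj:
            return None
        obj = obj[key]
    return obj


def parse_alert(raw):
    """Map a raw webhook body to the parsed fields; returns (parsed, problems)."""
    try:
        payload = json.loads(raw)
    except ValueError as exc:  # covers malformed JSON and undecodable bytes
        return {}, [f"invalid JSON: {exc}"]
    if not isinstance(payload, dict):
        return {}, ["top-level value is not an object"]
    parsed, problems = {}, []
    for field, path in FIELD_MAP.items():
        value, want = dig(payload, path), EXPECTED.get(field, str)
        # bool is a subclass of int in Python, so it is rejected explicitly.
        if value is None or isinstance(value, bool) or not isinstance(value, want):
            problems.append(f"{field}: missing or not {want.__name__} at {'.'.join(path)}")
            continue
        parsed[field] = value
    return parsed, problems


# Constructed sample: the page's payload trimmed to the mapped fields, message shortened.
SAMPLE = json.dumps({
    "aggregated_alerts_count": 0, "severity": "warning", "state": "created", "type": "correlation",
    "data": {"message": "Alert Type : log", "source": "correlation_alert_rules"},
    "description": "Your-customer-name LogEvent: Log Correlation Alert - Your-customer-name",
    "product": {"name": "Log Manager"}, "tags": ["example_tag", "example_tag2"],
})
```

Note that the payload's `description` becomes the parsed `message`, while `data.message` becomes the parsed `description`.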