Alert webhooks

This tutorial shows you how to define alert webhooks for various alert management systems.

Written by Zvika Kozniak
Updated over a week ago

There are predefined and custom integrations that can easily be configured. This tutorial will walk you through them, and show you how you can adjust our webhooks to be sent anywhere, anyway.

Slack

1) Go to Settings --> Integrations and click the '+' sign on the right-hand side:

2) Select ‘Slack’, add the desired alias (the desired name of your integration), add the room webhook (URL), and click save.

** To find your webhook, go to my.slack.com/services/new/incoming-webhook/ (while logged into Slack), choose the room name, click ‘Add incoming webhook integration’, and copy the webhook you get into Coralogix.

3) If you don’t see your new integration under your alert definition, try refreshing your browser.

PagerDuty

1) Go to Settings --> Integrations, click the '+' sign on the right-hand side, and choose PagerDuty:

2) Add the desired alias (the desired name of your integration), add the integration key, and click save:

** Note that in the integration settings you should choose the 'use our API directly' option:

Opsgenie

1) Go to Settings --> Integrations, click the '+' sign on the right-hand side, and choose WebHook:

2) Add the desired alias (the desired name of your integration), add the method and URL, edit the headers and body, and click save. For example, a 'Post' request:

Parameters:

  • URL: https://api.opsgenie.com/v2/alerts

  • Headers: {"Content-Type": "application/json", "Authorization": "GenieKey your-API-Key"}

  • Body (for example): {"uuid": "webhook auto generated uuid", "message": "An alert from Coralogix", "alias": "It is hard to fail, but it is worse never to have tried to succeed", "priority": "P1"}

** To find your API key, create an integration and go to its settings page:

** For more optional 'JSON Body Fields' and limitations click here.

Custom Alert WebHooks

Coralogix allows you to define the payload that you wish to send when an alert is triggered. Once a general webhook is defined in your settings, it can be added to any new alert you create. You can create multiple webhooks and assign one or more to your alerts.

To define your webhook, go to Settings --> Integrations, click the '+' sign on the right-hand side, choose WebHook, and fill in your destination URL. This will send alerts to your destination:

To create a custom alert payload, click "Edit Payload":

You can add/remove fields as long as you keep a valid JSON format. Make sure that the payload structure complies with the requirements of your operation and alert management platform.

You can also tag any JSON field in the alert webhook's payload in order to customize alert outputs with your own log content. Just add your field name with the '$' sign as its prefix (e.g. "$my_JSON_field"):

Here is a list of all available placeholders you may use and a description of each one.

| Placeholder context | Placeholder | Description |
| --- | --- | --- |
| Alert event info | $ALERT_NAME | The name of the alert |
| Alert event info | $ALERT_ACTION | Alert action: whether it triggered or this is a resolve notification |
| Alert event info | $ALERT_URL | URL to access the alert in Coralogix |
| Alert event info | $EVENT_SEVERITY | The severity (significance) that was chosen for the alert. It will be one of: [Info, Warning, Critical] |
| Alert event info | $ALERT_DESCRIPTION | The description added in the alert |
| Alert event info | $EVENT_TIMESTAMP_MS | The time in milliseconds when the alert was triggered |
| Alert event info | $EVENT_TIMESTAMP | The time when the alert was triggered, as a string with the date and time |
| Alert event info | $HIT_COUNT | For advanced alerts, the hit count of logs which triggered the alert |
| Logs info | $LOG_URL | Link to the alert logs |
| Logs info | $APPLICATION_NAME | The application name of the presented example log |
| Logs info | $SUBSYSTEM_NAME | The subsystem name of the presented example log |
| Logs info | $LOG_TEXT | The entire log payload, whether it is a textual log or a JSON formatted log |
| Logs info | $JSON_KEY | In case the logs are JSON formatted, you may include any key (JSON field) from the log itself |
| Logs info | $JSON_KEY.numeric | If the chosen field holds a number value and you wish to include it in its numeric form (use it in the custom webhook body without wrapping quotes), use it with the suffix .numeric, e.g. $status_code.numeric |
| Logs info | $COMPUTER_NAME | The computer name (if it exists) of the presented example log |
| Logs info | $CATEGORY | The category (if it exists) of the presented example log |
| Logs info | $IP_ADDRESS | The IP address (if it exists) of the presented example log |
| Logs info | $THREAD_ID | The thread id (if it exists) of the presented example log |
| General | $TEAM_NAME | The Coralogix account name from which the alert originates |
| General | $CORALOGIX_ICON_URL | The Coralogix icon |

Click save.
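
A local pre-check for a custom payload before it is saved, added here as an example (it is not Coralogix code): it separates the placeholders listed above from those read out of the log, and confirms the body is still valid JSON once a number stands in for unquoted placeholders. The helper name check_template, the sample keys status_code and user_id, and the rule that placeholders without .numeric belong inside quotes are assumptions.

```python
import json
import re

# Placeholders listed in the table on this page; any other $name is
# treated as a key taken from the log itself ($JSON_KEY).
DOCUMENTED = set("""
ALERT_NAME ALERT_ACTION ALERT_URL EVENT_SEVERITY ALERT_DESCRIPTION
EVENT_TIMESTAMP_MS EVENT_TIMESTAMP HIT_COUNT LOG_URL APPLICATION_NAME
SUBSYSTEM_NAME LOG_TEXT COMPUTER_NAME CATEGORY IP_ADDRESS THREAD_ID
TEAM_NAME CORALOGIX_ICON_URL""".split())
PLACEHOLDER = re.compile(r"\$([A-Za-z_][A-Za-z0-9_]*)(\.numeric)?")
# Either a complete JSON string or a placeholder sitting outside one.
TOKEN = re.compile(r'"(?:\\.|[^"\\])*"|' + PLACEHOLDER.pattern)

def check_template(template):
    """Lint a custom webhook body locally (hypothetical helper)."""
    problems, names = [], set()

    def visit(m):
        if m.group(0).startswith('"'):        # placeholders inside a string
            for p in PLACEHOLDER.finditer(m.group(0)):
                names.add(p.group(1))
                if p.group(2):
                    problems.append(f"${p.group(1)}.numeric is wrapped in quotes")
            return m.group(0)
        names.add(m.group(1))                 # bare placeholder
        if not m.group(2):
            # Assumption: plain placeholders expand to text and need quotes.
            problems.append(f"${m.group(1)} is outside a quoted string")
        return "0"                            # stand-in so the JSON parses

    probe = TOKEN.sub(visit, template)
    try:
        json.loads(probe)
        valid = True
    except json.JSONDecodeError as exc:
        valid = False
        problems.append(f"not valid JSON: {exc.msg}")
    return {"valid_json": valid, "problems": problems,
            "documented": sorted(names & DOCUMENTED),
            "log_fields": sorted(names - DOCUMENTED)}

# Constructed sample body; status_code and user_id are made-up log keys.
SAMPLE = ('{"title": "$ALERT_NAME ($EVENT_SEVERITY)", "team": "$TEAM_NAME", '
          '"status": $status_code.numeric, "user": "$user_id", '
          '"hits": $HIT_COUNT}')
```

Reviewing the log_fields list before saving shows exactly which log keys the webhook will forward to the destination system.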

Google Chat API Incoming webhooks


Configuring a Google Chat webhook integration can easily be done with the custom webhook integration. Choose the WebHook integration and fill in your destination chat URL. Google's documentation explains how to retrieve the URL.

Next, define your webhook body. Note that Google chat API expects a flat JSON structure with one key “text” as the webhook body. It can still of course contain all the relevant information you are interested in from your log itself, by tagging the keys using ‘$’ as explained above. Here is an example for you to test:

{"text": "Hi team! This is the Coralogix team, your webhook structure needs to be flat with one key in the JSON in order to fit Google chats. Use the Coralogix keys tagged with '$' to signify what you would like to send. Here is an example: alert_id=$ALERT_ID, name= $ALERT_NAME, description = $ALERT_DESCRIPTION, application = $APPLICATION_NAME  ,subsystem= $SUBSYSTEM_NAME, Alert Log = $LOG_TEXT  ------- You may see the above table containing all the different options you may use to structure your custom messages. Enjoy!"}

For more Google chat API options such as using formatted text in messages, including links in messages, @mention specific/all users you can visit here.

When you are done configuring your desired webhook, go to the ‘Notification settings’ section in your alert and choose your newly defined webhook.

** If you don’t see your new integration under your alert definition, try refreshing your browser.

 

 
