Logentries

Logentries provides IT teams with real-time log data monitoring for systems, apps, and services. Build this integration to correlate Logentries alerts into high-level incidents in BigPanda.

Supported Versions | Type | Authentication Type
SaaS Version on July 14, 2016 | Webhook | Bearer Token

Logentries is an easy-to-use, self-hosted log management and analytics service for teams of all sizes.

📘

Using Sample Code

These samples are meant to provide a helpful starting point for your custom integration. Though you may be able to copy some of the samples and use them without modifications, your system administrators must review and test all scripts and methods before using them, as per good practices.

Before You Start

Make sure you have the following set up before starting your installation:

  • Logentries account.

  • Existing Logentries alerts or the ability to create new alerts.

  • BigPanda account.

  • Understanding of BigPanda Alerts API.

  • Identify the active server that will run the GitHub Script.

Step 1: In BigPanda, create an App Key.

  1. In BigPanda, click the Integrations tab at the top of the screen.

  2. In the left pane, click New Integration.

  3. On the Monitoring tab, click Alerts REST API.

  4. In Step 1, enter the name of the integration. For example, enter Logentries.

  5. Click Generate App Key.

Step 2: In Logentries, configure the Webhook to send alerts to BigPanda.

  1. In Logentries, go to Tags & Alerts.

  2. Create a new tag and alert <https://docs.logentries.com/docs/setup-tags-alerts> or edit an existing alert by clicking Edit beside it.

  3. In Add an Alert, ensure all alerts are sent to BigPanda by using the recommended settings:

  • Match: Once, one per hour.
  • Report: 100 per hour.
  • Send to: Leave blank.

  4. Expand Other Options and select the Webhook option.

  5. Enter the IP address and port of the server that will run the script, then Save your changes.
    The provided script defaults to port 10000.

Step 3: Install the Logentries and BigPanda script.

  1. Download and save the Logentries BigPanda Community GitHub script to the active server that will run it.

  2. Edit the script to contain:

  • BigPanda Bearer Header key - Located on the Alerts API integration screen under the HTTP headers section.

  • BigPanda App key - Located on the Alerts API integration screen under step one.

  • Port (default 10000) - The port of the machine running the script.

  3. Run the twistd proxy server to start the web server: sudo twistd -y bigpanda_proxy.py

📘

After you run this command, twistd generates a log file in the same directory. Check this file to verify everything is ok.

  4. (Optional) In Logentries, verify the correct alert webhook URL is in use.
    If required, replace the URL with the correct IP address and port. For example:
  • <http://127.0.0.1:10000/form>
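What the proxy in Step 3 has to do between the Logentries webhook and the BigPanda Alerts API, shown as an added example (not the community script's code): it takes the bearer token, app key and port from the environment instead of from edited source, and validates the webhook form body before building the outbound alert. The environment variable names and the Logentries payload field names (payload, alert.name, host.name, event.m) are assumptions, and the sample body is constructed.

```python
import json
from urllib.parse import parse_qs, urlencode

MAX_BODY = 64 * 1024                      # refuse oversized webhook bodies
STATUSES = {"ok", "warning", "critical"}  # alert statuses named on this page

def load_settings(env):
    """Take secrets from the environment (hypothetical names), not from source."""
    token, app_key = env.get("BIGPANDA_TOKEN"), env.get("BIGPANDA_APP_KEY")
    port = int(env.get("PROXY_PORT", "10000"))   # page default
    if not token or not app_key:
        raise ValueError("BIGPANDA_TOKEN and BIGPANDA_APP_KEY are required")
    if not 1 <= port <= 65535:
        raise ValueError("port out of range")
    return token, app_key, port

def build_alert(form_body, app_key, status="critical"):
    """Turn one webhook form body into a BigPanda alert dict, or raise ValueError."""
    if len(form_body) > MAX_BODY:
        raise ValueError("body too large")
    if status not in STATUSES:
        raise ValueError("unknown status")
    # max_num_fields bounds the parsing work done on untrusted input.
    fields = parse_qs(form_body.decode("utf-8"), max_num_fields=8)
    try:
        data = json.loads(fields["payload"][0])   # assumed field layout
        host = data["host"]["name"]
        check = data["alert"]["name"]
        message = data["event"]["m"]
    except (KeyError, IndexError, TypeError, json.JSONDecodeError) as exc:
        raise ValueError("malformed webhook payload") from exc
    if not all(isinstance(v, str) and v for v in (host, check, message)):
        raise ValueError("missing host, alert name or message")
    return {"app_key": app_key, "status": status, "host": host[:255],
            "check": check[:255], "description": message[:2048]}

def outbound_request(alert, token):
    """Headers and body for the Alerts API call; the token stays in the header."""
    headers = {"Authorization": "Bearer " + token,
               "Content-Type": "application/json"}
    return headers, json.dumps(alert, sort_keys=True)

# Constructed sample webhook body (not captured from Logentries).
SAMPLE = urlencode({"payload": json.dumps({
    "alert": {"name": "HTTP 500"}, "host": {"name": "web-01"},
    "event": {"m": "status = 500"}})}).encode()
```
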

Step 4: Test the integration by sending a test alert from Logentries.

  1. From a command window, trigger an alert by sending test data to Logentries. For example:
  • telnet-ssl -z ssl data.Logentries.com 443 100002bfbea1e-10c3-4419-bdad-7e6435882e1f status = 500
  2. Log in to BigPanda to see your newly created alert.

After Installation

  • Add another alert to an existing search, if required.

  • Create more alerts in Logentries for other statuses; for example, warning, critical or ok alerts.

📘

Logentries Incidents Do Not Close Automatically

Logentries incidents are not closed automatically because Logentries does not send notifications when alerts are resolved. You must manually resolve Logentries incidents in BigPanda to remove them from the incident feed, or create alerts with an ok status to automatically clear events.

Uninstall the Integration

Deleting an integration requires changes to both the integrated system and BigPanda. You must uninstall the integration on the integrated system and then delete the integration from BigPanda.

🚧

When replacing an existing integration with a new tool or system, we recommend configuring the new integration first to ensure no data is lost.

Stop Sending Data to BigPanda

On the integrated system, disable any settings that send data to BigPanda.

Manually resolve any open alerts sent from the integration to remove the associated incidents from your incident feed. These incidents will not automatically resolve without an ok status from the original sending integration.

Delete the Integration from BigPanda

  1. In BigPanda, navigate to the Integrations tab and select the desired integration from the list.
  2. In the integration details on the right, click Delete Integration. A support message opens, pre-populated with a request to delete the selected integration.
  3. Press Enter to send the request.
  4. The BigPanda support team will remove the integration from the UI.

This procedure does not remove any data from BigPanda or the integrated system. As needed, remove data from each system before deleting the integration.