Skip to main content

Logentries

Supported Versions

Type

Authentication Type

SaaS Version on July 14, 2016

Webhook

Org Bearer Token

Logentries is an easy-to-use, self-hosted log management and analytics service for teams of all sizes.

Install the Integration

Logentries Incidents Do Not Close Automatically

Logentries incidents are not closed automatically because Logentries does not send notifications when alerts are resolved. You must manually resolve Logentries incidents in BigPanda to remove them from the incident feed or create alerts with an ok status to automatically clear events.

Configure the Webhook to send alerts to BigPanda

  1. In Logentries, go to Tags & Alerts. Create a new tag and alert or edit an existing alert by clicking Edit beside it.

  2. In Add an Alert, ensure all alerts are sent to BigPanda by using the recommended settings:

    Match: Once, one per hour.
Report: 100 per hour.
Send to: Leave blank.

  3. Expand Other Options and select the Webhook option.

  4. Enter the IP address and port of the server that will run the script, then Save your changes.

Install the Logentries and BigPanda script

  1. Download and save the Logentries BigPanda Community GitHub script to the active server that will run it.

  2. Edit the script to contain:

    • App key: <Your App Key>

    • Bearer Token: <Your Org Bearer Token>

    • Port: The port of the machine running the script (default 10000)

  3. Run the twistd proxy server sudo twistd -y bigpanda_proxy.py to start the web server

  4. You will notice after running this command, twistd generates a log file in the same directory. You can check this to verify everything is ok.

(Optional) In Logentries, verify the correct alert webhook URL is in use

  1. If required, replace the URL with the correct IP address and port. For example: http://127.0.0.1:10000/form.

  2. From a command window, trigger an alert by sending test data to Logentries. For example: telnet-ssl -z ssl data.Logentries.com 443 100002bfbea1e-10c3-4419-bdad-7e6435882e1f status = 500

  3. Log in to BigPanda to see your newly created alert.

Note: Logentries Incidents Do Not Close Automatically. Logentries incidents are not closed automatically because Logentries does not send notifications when alerts are resolved. You must manually resolve Logentries incidents in BigPanda to remove them from the incident feed or create alerts with an ok status to automatically clear events.

Uninstall the Integration

Deleting an integration requires that you remove the integration in both the integrated system and BigPanda. We recommend that you first uninstall the integration on the integrated system to prevent traffic from being sent and rejected by BigPanda, since the app key will not exist once you delete the integration in BigPanda.

Caution during replacement

When replacing an existing integration with a new tool or system, we recommend configuring the new integration first to ensure no data is lost.

Deactivate Inbound Integration

If you want to stop sending data to BigPanda but don’t want to delete your integration, you can temporarily deactivate it.

To deactivate an inbound integration:

  1. In BigPanda, navigate to the Integrations tab and select the desired integration from the list. This will open integration details on the right side of the window.

  2. At the top of the integration details, click the Active/Inactive toggle next to the application name to change the status of the integration.

In the integrations list, inactive integrations will be marked with a gray bar.

Alert resolution for inactive integrations

Any active alerts belonging to an inactive integration must be manually resolved or they will stay in the system until the auto-resolve window is reached.

Stop Sending Data to BigPanda

Within the integrated system, disable any settings that send data to BigPanda.

Each system requires specific changes to disable the integration with BigPanda. For example, you must delete the topic in CloudWatch, and you must disable the alert channel in New Relic. To determine the changes for your integrated system, reference the relevant documentation or contact BigPanda support.

Manually resolve any open alerts sent from the integration to remove the associated incidents from your incident feed. These incidents will not automatically resolve without an ok status from the original sending integration.

Delete the Integration in BigPanda

Take the following steps to delete the integration from BigPanda:

  1. In BigPanda, navigate to the Integrations tab and select the desired integration from the list.

  2. In the integration details on the right of the page, click the trash icon, then confirm you want to delete the integration. The integration will be removed immediately.

️Automatic alert resolution for deleted integrations

All active alerts from the integration will be resolved after deletion.

Data removal

This procedure does not remove any data from the integrated system.

In this section: