Logz.io
Send monitoring events from Logz.io to BigPanda.
| Supported Versions | Type | Authentication Type |
|---|---|---|
| SaaS Deployments | Webhook | Org Bearer Token |
Logz.io employs a multi-tier, multi-datacenter data-ingestion pipeline to process log data securely. Once data is collected, it is then parsed and enriched with additional metadata. The log data is then indexed into a dedicated data-store that is able to scale and grow to fit any needed capacity of log data. All log data is highly available across multiple data centers and is backed up to ensure data availability.
Alerts do not close automatically
Logz.io incidents are not closed automatically because Logz.io does not send notifications when alerts are resolved. You must manually resolve Logz.io incidents in BigPanda to remove them from the incident feed.
Install the Integration
Before you start
- Obtain a Logz.io account
- Obtain BigPanda administrator access
Create an App Key
Create an app key in BigPanda.
Integration Specific
You'll need a separate app key for each integrated system.
App Key Configuration in BigPanda
Configure Logz.io to Send Alerts to BigPanda
-
Log in to your Logz.io account.
-
Under the Alerts tab, click Alert Endpoints, and then click Add Endpoint.
-
In the Type field, select BigPanda.
-
Enter a Name and Description.
-
Enter the following values for Token and App Key:
- Token:
<Your Org Bearer Token> - App Key:
<Your App Key>
- Token:
-
Click Save.
Assign BigPanda Endpoint to Logz.io Alert Definitions
- In Logz.io, create an alert or edit an existing alert.
- Within the Action section click the Recipients box and select the BigPanda Endpoint which you created earlier.
- Click Save.
- Repeat steps 1 - 3 for all alerts you wish to send to BigPanda.
Configure a test alert in Logz.io and send it to the BigPanda endpoint. Be sure to clean up any test data and settings when the test is complete.
Configure A Custom Endpoint
To customize the Logz.io data that you send to BigPanda, you can configure a custom endpoint as follows:
- Type: Custom
- Name and Description
- URL: https://api.bigpanda.io/data/v2/alerts
- Method: POST
- Headers:
Authorization=Bearer ${token}, Content-Type=application/json; charset=utf8(replace the${token}with the app key created in Step 1 of installing the integration) - Body: Custom payload that meets the Alerts API payload requirements.
{
"app_key": "${app key}",
"service": "My Service",
"status": "critical",
"check": "{{alert_title}}",
"description": "{{alert_description}}",
"severity": "{{alert_severity}}",
"alert_event_samples": "{{alert_event_samples}}"
}
Mandatory Fields
BigPanda requires that the payload contains a primary tag named
service,host, orapplicationand a status tag with a value ofcritical,warning, orok. You may also want to include a check tag with a value of{{alert_title}}or a hard-coded value, and it will be included in the incident title in the BigPanda UI.
Uninstall the Integration
Deleting an integration requires that you remove the integration in both the integrated system and BigPanda. We recommend that you first uninstall the integration on the integrated system to prevent traffic from being sent and rejected by BigPanda, since the app key will not exist once you delete the integration in BigPanda.
Caution During Replacement
When replacing an existing integration with a new tool or system, we recommend configuring the new integration first to ensure no data is lost.
Deactivate Inbound Integration
If you want to stop sending data to BigPanda but don’t want to delete your integration, you can temporarily deactivate it.
To deactivate an inbound integration:
- In BigPanda, navigate to the Integrations tab and select the desired integration from the list. This will open integration details on the right side of the window.
- At the top of the integration details, click the Active/Inactive toggle next to the application name to change the status of the integration.
In the integrations list, inactive integrations will be marked with a gray bar.
Alert Resolution for Inactive IntegrationsAlert Resolution for Inactive Integrations
Any active alerts belonging to an inactive integration must be manually resolved or they will stay in the system until the auto-resolve window is reached.
Stop Sending Data to BigPanda
Within the integrated system, disable any settings that send data to BigPanda.
Each system requires specific changes to disable the integration with BigPanda. For example, you must delete the topic in CloudWatch, and you must disable the alert channel in New Relic. To determine the changes for your integrated system, reference the relevant documentation or contact BigPanda support.
Manually resolve any open alerts sent from the integration to remove the associated incidents from your incident feed. These incidents will not automatically resolve without an ok status from the original sending integration.
Delete the Integration in BigPanda
Take the following steps to delete the integration from BigPanda:
- In BigPanda, navigate to the Integrations tab and select the desired integration from the list.
- In the integration details on the right of the page, click the trash icon, then confirm you want to delete the integration. The integration will be removed immediately.
️Automatic Alert Resolution for Deleted Integrations
All active alerts from the integration will be resolved after deletion.
Data Removal
This procedure does not remove any data from the integrated system.
Updated 3 months ago