Logz.io employs a multi-tier, multi-datacenter data-ingestion pipeline to process log data securely. Once data is collected, it is then parsed and enriched with additional metadata. The log data is then indexed into a dedicated data-store that is able to scale and grow to fit any needed capacity of log data. All log data is highly available across multiple data centers and is backed up to ensure data availability.

Install the Integration

Administrators can install the integration by following the on-screen instructions in BigPanda.

Before You Start

• Obtain a Logz.io account.

• Obtain BigPanda administrator access.

After Installation

• Configure a test alert in Logz.io and send it to the BigPanda endpoint. Be sure to clean up any test data and settings when the test is complete.

❗️

Logz.io incidents are not closed automatically because Logz.io does not send notifications when alerts are resolved. You must manually resolve Logz.io incidents in BigPanda to remove them from the incident feed.

• (Optional) Configure a custom endpoint and configure the desired Logz.io alerts to use it.

Configure A Custom Endpoint

To customize the Logz.io data that you send to BigPanda, you can configure a custom endpoint as follows:

• Type—Custom

• Name and Description

• URL—<https://api.bigpanda.io/data/v2/alerts>

• Method—POST

• Headers—Authorization=Bearer ${token}, Content-Type=application/json; charset=utf8

❗️

You must replace the ${token} with the corresponding value that you copied from BigPanda in Step 1.

• Body—custom payload that meets the Alerts API payload requirements.

{
  "app_key": "${app key}",
  "service": "My Service",
  "status": "critical",
  "check": "{{alert_title}}",
  "description": "{{alert_description}}",
  "severity": "{{alert_severity}}",
  "alert_event_samples": "{{alert_event_samples}}"
}

❗️

Payload Requirements

You must replace the ${app_key} with the corresponding value that you copied from BigPanda in Step 1.

BigPanda requires that the payload contains a primary tag named service, host, or application and a status tag with a value of critical, warning, or ok. You may also want to include a check tag with a value of {{alert_title}} or a hard-coded value, and it will be included in the incident title in the BigPanda UI.

Uninstall the Integration

Deleting an integration requires changes to both the integrated system and BigPanda. You must uninstall the integration on the integrated system and then delete the integration from BigPanda.

🚧

When replacing an existing integration with a new tool or system, we recommend configuring the new integration first to ensure no data is lost.

Stop Sending Data to BigPanda

On the integrated system, disable any settings that send data to BigPanda.

Manually resolve any open alerts sent from the integration to remove the associated incidents from your incident feed. These incidents will not automatically resolve without an ok status from the original sending integration.

Delete the Integration from BigPanda

1. In BigPanda, navigate to the Integrations tab and select the desired integration from the list.
2. In the integration details on the right, click Delete Integration. A support message opens, pre-populated with a request to delete the selected integration.
3. Press Enter to send the request.
4. The BigPanda support team will remove the integration from the UI.

❗

️

This procedure does not remove any data from BigPanda or the integrated system. As needed, remove data from each system before deleting the integration.