Logz.io

Logz.io provides log analysis software with alerts, role-based access, unlimited scalability, and free ELK apps.

Supported VersionsTypeAuthentication Type
SaaS DeploymentsWebhookBearer Token

Logz.io employs a multi-tier, multi-datacenter data-ingestion pipeline to process log data securely. Once data is collected, it is then parsed and enriched with additional metadata. The log data is then indexed into a dedicated data-store that is able to scale and grow to fit any needed capacity of log data. All log data is highly available across multiple data centers and is backed up to ensure data availability.

📘

Using Sample Code

These samples are meant to provide a helpful starting point for your custom integration. Though you may be able to copy some of the samples and use them without modifications, your system administrators must review and test all scripts and methods before using them, as per good practices.

Before You Start

  • Obtain a Logz.io account.

  • Obtain BigPanda administrator access.

Step 1: In BigPanda, create an App Key.

  1. In BigPanda, click the Integrations tab at the top of the screen.

  2. In the left pane, click New Integration.

  3. On the Monitoring tab, click Logz.io

  4. In Step 1, enter the name of the integration. For example, enter Logz.io

  5. Click Generate App Key.

  6. Copy the following information to use in Step 2.

  • App Key. For example, 1234z8098z1zhuy7z1z123.

  • Authorization Bearer Token, located under the HTTP headers section. For example, 0z12345z1z123zij12z1zoijo2.

Step 2: In Logz.io, configure an endpoint for sending alerts to BigPanda.

  1. Log in to your Logz.io account.

  2. Under the Alerts tab, click Alert Endpoints, and then click Add Endpoint.

  3. In the Type field, select BigPanda.

📘

Data Sent To BigPanda

The built-in integration sends a standard payload to BigPanda that includes the alert title and alert event samples. Consider starting with this integration type to see if the data meets your needs. If necessary, you can configure a Custom Endpoint to send different data.

  1. Enter a Name and, if desired, a Description.

  2. Enter the Token and App Key that you copied from BigPanda in Step 1.

  3. Click Save.

Step 3: In Logz.io, configure alerts to use the BigPanda endpoint.

  1. In Logz.io, Create an alert or edit an existing alert.

  2. On the Triggers page, in the Notification Endpoints, select the BigPanda endpoint that you created in Step 2.

  1. Click Save Alert.

  2. Repeat Steps 1 – 3 for every alert you want to send to BigPanda. The next time Logz.io generates one of these alerts, you will see it in BigPanda.

After Installation

  • Configure a test alert in Logz.io and send it to the BigPanda endpoint. Be sure clean up any test data and settings when the test is complete.

❗️

Logz.io incidents are not closed automatically because Logz.io does not send notifications when alerts are resolved. You must manually resolve Logz.io incidents in BigPanda to remove them from the incident feed.

  • (Optional) Configure a custom endpoint and configure the desired Logz.io alerts to use it.

Configure A Custom Endpoint

To customize the Logz.io data that you send to BigPanda, you can configure a custom endpoint as follows:

  • Type—Custom

  • Name and Description

  • URL—<https://api.bigpanda.io/data/v2/alerts>

  • Method—POST

  • Headers—Authorization=Bearer ${token}, Content-Type=application/json; charset=utf8

❗️

You must replace the ${token} with the corresponding value that you copied from BigPanda in Step 1.

  • Body—custom payload that meets the Alerts API payload requirements.
{
  "app_key": "${app key}",
  "service": "My Service",
  "status": "critical",
  "check": "{{alert_title}}",
  "description": "{{alert_description}}",
  "severity": "{{alert_severity}}",
  "alert_event_samples": "{{alert_event_samples}}"
}

❗️

Payload Requirements

You must replace the ${app_key} with the corresponding value that you copied from BigPanda in Step 1.

BigPanda requires that the payload contains a primary tag named service, host, or application and a status tag with a value of critical, warning, or ok. You may also want to include a check tag with a value of {{alert_title}} or a hard-coded value, and it will be included in the incident title in the BigPanda UI.

Uninstall the Integration

Deleting an integration requires changes to both the integrated system and BigPanda. You must uninstall the integration on the integrated system and then delete the integration from BigPanda.

🚧

When replacing an existing integration with a new tool or system, we recommend configuring the new integration first to ensure no data is lost.

Stop Sending Data to BigPanda

On the integrated system, disable any settings that send data to BigPanda.

Manually resolve any open alerts sent from the integration to remove the associated incidents from your incident feed. These incidents will not automatically resolve without an ok status from the original sending integration.

Delete the Integration from BigPanda

  1. In BigPanda, navigate to the Integrations tab and select the desired integration from the list.
  2. In the integration details on the right, click Delete Integration. A support message opens, pre-populated with a request to delete the selected integration.
  3. Press Enter to send the request.
  4. The BigPanda support team will remove the integration from the UI.

This procedure does not remove any data from BigPanda or the integrated system. As needed, remove data from each system before deleting the integration.