Coralogix allows you to integrate with any operation and alert management platform in order to get alerted in real time and manage your Coralogix insights.
There are predefined and custom integrations that can easily be configured. This tutorial will walk you through them, and show you how you can adjust our webhooks to be sent anywhere, anyway.
1) Go to settings –> Integrations and click the ‘+’ sign on the righthand side:
2) Select ‘Slack’, add the desired alias (the desired name of your integration), add the room webhook (URL), and click save.
** To find your webhook, click here: https://my.slack.com/services/new/incoming-webhook (while logged into Slack), choose the room name, click ‘Add incoming webhook integration’ and copy the webhook you got into Coralogix.
3) If you don’t see your new integration under your alert definition, try to refresh your browser
For configuring a PagerDuty webhook integration please refer to our dedicated PD instructions here.
For configuring an MS Teams webhook integration please refer to our dedicated instructions here.
For configuring a VictorOps webhook integration please refer to our dedicated instructions here.
For configuring a Jira webhook integration please refer to our dedicated instructions here.
For configuring a Opsgenie webhook integration please refer to our dedicated instructions here.
Custom Alert WebHooks
Coralogix allows you to define the payload that you wish to send when an alert is triggered, once a general webhook is defined in your settings, it can be added to any new alert you create. You can create multiple webhooks, and assign one or more to your alerts.
To define your webhook, Go to settings –> Integrations and click the ‘+’ sign on the right-hand side, choose WebHook and fill your destination URL. This will send alerts to your destination:
To create a custom alert payload, click “Edit Payload”:
You can add/remove fields as long as you keep a valid JSON format. Make sure that the payload structure complies with the requirements of your operation and alert management platform.
You can also tag any JSON field in the alert webhook’s payload in order to customize alert outputs with your own Log content, just add your field name with ‘$’ sign as it’s prefix (e.g. “$my_JSON_field”)
Here is a list of all available placeholders you may use and a description of each one.
|Alert event info||$ALERT_NAME||The name of the Alert|
|$ALERT_ACTION||Alert action, whether it triggered or this is a resolve notification|
|$ALERT_URL||URL to access the alert in Coralogix|
|$EVENT_SEVERITY||The severity (significance) that was chosen to the alert. It will be one of: [Info,Warning,Critical]|
|$ALERT_DESCRIPTION||The description added in the alert|
|$EVENT_TIMESTAMP_MS||The time in milliseconds when the alert was triggered|
|$EVENT_TIMESTAMP||The time when the alert was triggered as a string with the date and time|
|$HIT_COUNT||For advanced alerts, hit count presents the hit count of logs which triggered the alert|
|Logs info||$LOG_URL||Link to the alert logs|
|$APPLICATION_NAME||The application name of the presented example log|
|$SUBSYSTEM_NAME||The subsystem name of the presented example log|
|$LOG_TEXT||The entire log payload, whether it is a textual log or JSON formatted log|
|$JSON_KEY||In case the logs are JSON formatted, you may include any key (JSON field) from the log itself|
|$JSON_KEY.numeric||If the chosen field possesses a number value and you wish to include it in it's numeric form (use it in the custom webhook body without wrapping quotes) use it with the suffix of .numeric. E.g. $status_code.numeric|
|$COMPUTER_NAME||The computer name (if exists) of the presented example log|
|$CATEGORY||The category (if exists) of the presented example log|
|$IP_ADDRESS||The Ip address (if exists) of the presented example log|
|$THREAD_ID||The thread id (if exists) of the presented example log|
|General||$TEAM_NAME||The Coralogix account name from which the alert is from|
|$CORALOGIX_ICON_URL||The Coralogix Icon|
In your alert, go to the ‘Notification settings” section and choose your newly defined webhook.
** If you don’t see your new integration under your alert definition, try to refresh your browser