Logz.io Alerts

The built-in Logz.io Alerts trigger initiates a flow when it receives a signal from a Logz.io alert.

Add the Logz.io Alerts trigger to the canvas

  1. Go to the Triggers tab in the palette, expand the App Triggers section and drag the trigger onto the canvas.
  2. Double-click the trigger (or click the pencil icon).
  3. Set the authenticating user, and then copy the URL — you'll use this to set up the webhook in Logz.io. Alternatively, you can create an integration user to use as the authenticating user.

  4. Click the Flood Control tab to edit the trigger's default flood control settings. For more information about these settings, see Trigger Flood Control.
  5. Click Done.
  6. On the flow canvas, connect the steps you want to run when xMatters receives a request to that URL.

You're now ready to configure Logz.io to target the trigger.

Configure Logz.io to send requests to the trigger URL

To have Logz.io send alerts to the flow trigger, you need to create a custom endpoint and set it to use the trigger URL. 

First, create a new custom endpoint.

  1. In Logz.io, navigate to the Alerts & Events tab and select Notification endpoints.

  2. Click Add endpoint. The Add a new Notification Endpoint window opens.

  3. For the Type field, use the drop-down to select Custom.
  4. Enter a Name and optional Description.
  5. In the URL field, add the xMatters trigger URL.
  6. Add the target names of any recipients you want to notify when the alert fires to the end of the URL.
    • For URL authentication, use an ampersand to attach recipients. For example, if you want to notify Emma Pearson and the on-call members in the group responsible for the Antares service, you'd add &recipients=epearson,antares to the URL.
    • For other authentication types, use a question mark to attach recipients. For example, if you want to notify Barry Gull and the on-call members in the group responsible for the Cassiopeia service, you'd add ?recipients=bgull,cassiopeia to the URL.
    • You must URL-encode any special characters or spaces in the target names.
  7. Set the Method to POST.
  8. If you use Basic Authentication, add your authentication information in the Headers section.
  9. Insert the following Configuration Payload you copied earlier into the available field:
Copy 
{
  "account_name": "{{account_name}}",
  "alert_definition_id": "{{alert_definition_id}}",
  "alert_description": "{{alert_description}}",
  "alert_samples": "{{alert_samples}}",
  "alert_severity": "{{alert_severity}}",
  "alert_timeframe_end": "{{alert_timeframe_end}}",
  "alert_timeframe_start": "{{alert_timeframe_start}}",
  "alert_title": "{{alert_title}}"
}

Now you'll need to create a new alert to add the endpoint to Logz.io.

  1. Navigate to theAlerts & Events tab and select New alert.

  2. At the top of the window, give the new alert a name.

  3. Complete step 1 by configuring the query.
  4. In the Accounts to search section, select Just these accounts and use the drop-down to select xMatters.
  5. In step 2, set the Trigger conditions and severity. The severity you set here defines the incident severity in xMatters.

  6. In step 3, enter an optional description and tags.

  7. In the Who to send it to section, use the drop-down to select the custom endpoint you just created.
  8. Click Save.

You're ready to use the webhook to trigger automated flows, including steps such as sending alerts and initiating incidents, though we always recommend testing before putting things into use.

Outputs

The trigger has the following outputs you can use as inputs to steps further along the flow.

Label

 Description
Recipients List of targeted recipients.
Signal Mode Determines the flow path to follow, based on the value of the Alert Description parameter.
Signal ID Key or identifier used to terminate or correlate events/signals.
Account Name Name of the Logz.io account.
Definition ID Unique ID of the alert in Logz.io.
Description Description of the alert as provided by Logz.io.
Title Title of the alert that triggered.
Samples Prints a sample of the raw logs that caused the alert to trigger.
Severity Severity of the alert that triggered.
Timeframe End End time for the sliding window of log data for the alert.
Timeframe Start Start time for the sliding window of log data for the alert.
Raw Request JSON representation of the request that can be parsed separately to get additional context on outputs.