SolarWinds Papertrail Alerts

The built-in SolarWinds Papertrail Alerts trigger initiates a flow when it receives a signal from SolarWinds Papertrail.

Add the Papertrail Alerts trigger to the canvas

  1. Go to the Triggers panel in the palette, expand the App Triggers section, and drag the trigger onto the canvas.
  2. Double-click the trigger (or click the pencil icon).
  3. Set the authenticating user and then copy the URL — you'll use this to set up the webhook in Papertrail. Alternatively, you can create an integration user to use as the authenticating user.

  4. Click the Flood Control tab to edit the trigger's default flood control settings. For more information about these settings, see Trigger Flood Control.
  5. Click Done.
  6. On the flow canvas, connect the steps you want to run when xMatters receives a request to that URL.

You're now ready to configure Papertrail to target the trigger.

Configure Papertrail to send requests to the trigger URL

To have Papertrail send an alert to xMatters, you must first have at least one saved search in Papertrail.

You can create a new saved search or use an existing saved search:

  • To save a new Papertrail search:
    • Go to Events and search for the logs you want Papertrail to alert on. Refine the returned matches, then click Save Search.
    • On the Save Search window, give the search a unique name, then click Save & Setup an Alert.
  • To set up an alert on an existing Papertrail search:
    • On the Dashboard, click the pencil icon on the saved search and select New Alert.

Now that we have a search to alert on, let's set up the alert.

  1. On the Choose a Service page, select Webhook.

  2. On the Create Alert screen, configure the alert conditions.
  3. In the Webhook Details section, paste the trigger URL you copied from Flow Designer.
  4. Add the target names of any recipients you want to notify when the alert fires to the end of the URL.
    • For URL authentication, use an ampersand to attach recipients. For example, if you want to notify Emma Pearson and the on-call members in the group responsible for the Antares service, you'd add &recipients=epearson,antares to the URL.
    • For other authentication types, use a question mark to attach recipients. For example, if you want to notify Barry Gull and the on-call members in the group responsible for the Cassiopeia service, you'd add ?recipients=bgull,cassiopeia to the URL.
    • You must URL-encode any special characters or spaces in the target names.

  5. To receive a smaller payload from Papertrail, select Send only counts.
  6. Click Create Alert.

You're ready to use the webhook to trigger automated flows, including steps such as sending alerts and initiating incidents, though we always recommend testing before putting things into use.

Outputs

The trigger has the following outputs you can use as inputs to steps further along the flow.

Label

 Description
Recipients List of targeted recipients.
Signal Mode Determines the flow path to follow based on the presence or absence of the sawmill property. If the property exists, the alert is a test, otherwise the alert is not a test.
Alert Interval

How often alerts are sent if records matching the search query are found. Available frequency options are:

  • 1 minute
  • 10 minutes
  • 1 hour
  • 1 day
End Time Time of the last event within the given timeframe.
Event Count Number of Papertrail events that occur within the given timeframe.
First Event Facility Facility of the first event matching the search query.
First Event Hostname Hostname of the first event matching the search query.
First Event ID Unique ID of the first event within the given timeframe.
First Event Message Message of the first event matching the search query.
First Event Program Program of the first event matching the search query.
First Event Severity Severity of the first event matching the search query.
First Event Source Name Source name of the first event matching the search query.
Last Event ID Unique ID of the last alert triggered within the giventime frame.
Search Name Name of the saved search in Papertrail.
Search Query Query of the saved search used to filter the logs.
Search URL Direct URL to the search query in Papertrail.
Start Time Time of the first event within the given timeframe.
Raw Request JSON representation of the request that can be parsed separately to get additional context on outputs.