Graylog v4 Integration Guide
Graylog is a leading centralized log management solution built to open standards for capturing, storing, and enabling real-time analysis of terabytes of machine.
What can Zenduty do for Graylog v4 users?
With the new Graylog integration, Zenduty sends new Graylog conditional alerts to the right team and notifies them based on on-call schedules via email, text messages (SMS), phone calls (voice), Slack, Microsoft Teams and iOS & Android push notifications, and escalates alerts until the alert is acknowledged or closed. Zenduty provides your application engineers with detailed context around the Graylog alert, along with playbooks and a complete incident command framework to triage, remediate and resolve incidents with speed.
Whenever a condition on Graylog is met, Zenduty will create an incident.
You can also use Alert Rules to custom-route specific Graylog alerts to specific users, teams or escalation policies, write suppression rules, and automatically add notes, responders and incident tasks.
This integration is for the newer version (v4) of Graylog. For the older version of Graylog, please click here.
To integrate Graylog v4 with Zenduty, complete the following steps:
In Zenduty:
- To add a new Graylog integration, go to Teams on Zenduty and click on the team you want to add the integration to.
- Next, go to Services and click on the relevant Service.
- Go to Integrations and then Add New Integration. Give it a name and select the application Graylog V4 from the dropdown menu.
- Go to Configure under your Integrations and copy the Webhook URL generated.
In Graylog:
- Log in to Graylog. Go to Alert -> Notification and create a new notification.
- Name the notification as you desire and select HTTP Notification under the Notification Type drop-down menu. In the URL field, paste the webhook URL that was previously copied.
- Test the notification, then save it after whitelisting the URL (if non-whitelisted URLs aren't allowed).
- Select Event Definition from the menu and either create a new event or select a pre-existing event for the notification to be added to.
- Click on Notifications in the New Event Definition.
- Click on Add Notification. Select the previously created Zenduty integration under the Notification drop-down list.
- Finish the Event Definition for your specified event.
- Graylog is now integrated and Zenduty will create incidents from the alerts.