In this challenging global environment, we realize many of our customers will work from home for the next several weeks. Thankfully, Logz.io is designed to support distributed teams and work environments, and we wanted to highlight some of the ways you can use the platform both for remote monitoring and to collaborate better with your teams over the course of the COVID-19 pandemic. While health is everyone’s #1 priority, maintaining productivity is also critical to many engineers, and hopefully these tools and tricks can help ease your mind and workload just a bit.

To do this, we are happy to announce our newest feature, Incident Reports, which keeps separate and customizable journals of specific events that our service logs and monitors. This addition to our offering is in pre-release, allowing you to keep individual journals of specific kinds of events that come across your logs.

Logz.io is a mainly cloud-based service, working out of AWS and Azure to make sure we can provide around-the-clock service. Our battle plan includes regional-switching to maintain high availability across multiple zones to retain high continuity. In addition, we have many features optimized for working and monitoring remotely from home. So, you will find a number of other Logz.io features that will help you work from home and maintain strong communication while juggling Slack, Zoom, Jira, Salesforce, and your far-busier Google Calendars.

Incident Reports Tutorial

To launch, go to the Tools section under the cog in the upper right-hand corner, then select Incident reports from the top of the submenu. 

Select "Incident Reports" under "Tools," beneath the cog in the upper right-hand corner of the Logz.io interface

Select “Incident Reports” under “Tools,” beneath the cog in the upper right-hand corner of the Logz.io interface

On the main Incident Reports page, press the +Create incident report button. Fill in the details. Then press Add on the far right of the screen.

Choose "+Create Incident Report"

Choose “+Create Incident Report”

Fill in the details. Then press Add on the far right of the screen.

Generate the snapshot in your Logz.io Kibana dashboard.

Under the "Share" menu item, select "Snapshot"

Under the “Share” menu item, select “Snapshot”

 

Logz.io Features for Working Remotely

1. Scheduled Reports 

Logz.io Scheduled Reports are sent automatically with a cron expression. Logz.io generates automatic reports on a regular, customized interval. Use the Reports page in the Logz.io UI located under Alerts & Events. 

If you are a user of Logz.io Cloud SIEM, this will appear as a separate page.

Hit the +New Report button, then you can fill in the relevant details, including the report’s name and cron schedule. Specify the Kibana dashboard, and where to forward it, either by email or Slack (more on that in a moment):

2. Alice, the Logz.io Slackbot 

Alice, the Logz.io chatbot, queries Logz.io via Slack. Slack has become a clear staple for the workplace, and with working from home about to increase immensely, you’ll probably find yourself “slacking” off more over the next few days or weeks. This add-on might even speed up your reaction to Logz.io alerts.

If you have the Slack app installed on your phone, this also gives you quick mobile access to your Logz.io account with the search or snapshot commands. It will send dashboard or graphic snapshots to Slack, alerts, and of course your logs. Note, Alice does not yet support metrics.

3. Sharing Kibana Dashboards and Visualizations

There are three main options for sharing dashboards in Logz.io. Two are concerned with sharing it with other team members who also have access to the same Logz.io account. But public sharing is available for other cases. For all three of these options, you will need to create a Shared Token.

First, the public option will generate a link with that token that you can then share outside your organization. You won’t have to be logged in for the link to be viewed by others.

Second, you can embed the dashboard within an html <iframe> on a website. However, you need to be logged into the relevant account for this to work, so this option might be best suited for Atlassian or Jira.

Third, like the first option, you can generate a link. The link will only work though for someone signed into the same Logz.io account.

4. Applying Token Filters to Shared Dashboards

In conjunction to the previous feature, you can specify which information to display in your shared dashboards. Input the description of the filter, then the field name and value. 

From there, click Attach Filter. Get more info here on Logz.io token filters.

5. Sharing Grafana Dashboards in Logz.io

Select the Share option. Then select Snapshot. There, you can generate a link to an interactive version of the dashboard with a specific name. You can also set an expiration time.

Alternatively, you can export the dashboard as a file, then share it with someone outside the organization.

Lastly, you can share a direct link to someone within your organization, customized according to the time range and whether or not it should include template variables.

6. Sharing the browser URL of Kibana

It’s often impossible to capture everything that you want to communicate with a simple screenshot. Therefore, Logz.io lets users share an extended sample of the dashboard with a link.

This feature returns to the exact state of a Kibana dashboard at the exact moment you share the link to the dashboard with someone. It can be used as a quick way to share an interactive snapshot between peers on the same team or across teams. When it refreshes (at the interval set on the dashboard), it will display logs relative to the state the dashboard was in when it was shared.

7. Alerts

The Logz.io alert notification itself adds a sample of logs that are relevant to the precise alert. You can customize which fields within the logs to share as part of the alert. They can be shared to any location, namely Slack or email. Logz.io alerts, a feature not native to the open source ELK Stack, must be in the Lucene query language, not KQL (Kibana Query Language).

To create an alert, refine your query and filters first and THEN click the actual Create alert button. You must then name the alert and can further edit those queries and filters.

Create alerts with Logz.io managed Elastic Stack

Create alerts with Logz.io managed Elastic Stack

Edit the Logz.io alert's query and filters

Edit the Logz.io alert’s query and filters

You can then choose up to three fields to include in the alert with the “Group by” option. Additionally, set which accounts (or all of them) the alert will cover, plus the threshold and severity levels for the alert’s trigger.

You can also designate destinations for the alerts over different notification channels (like Slack and email), use descriptions and tags, and designate the output format as JSON or a custom format.

Moving Forward

Logz.io knows the nature of work will be very different in the coming months and maintain our commitment to supporting our users and DevOps overall. We are considering more features that will seek to help teams now working apart and remotely to make Logz.io as convenient as possible during an inconvenient time.