Announcing the ELK Stack with Alerts and Slack Integration

logz.io and slack

Critical alerts in your environment need to be delivered through a channel where you will actually see them right away. E-mail is always backlogged, and too many people filter alerts into a folder where they often end up sitting for hours, if not days. SMS and text-message alerts are ignored as often as car alarms for the same reason — there are just too many of them.

Noting the increasing use of the Slack in the tech world, we are proud to announce the integration of WebHooks into our ELK Stack alerts mechanism. This new feature easily allows customers to integrate our combined Elasticsearch, Logstash, and Kibana platform into Slack or any other third-party application or service that can accept WebHooks.

Using Slack to receive alerts makes it easy to get mobile notifications and collaborate as a team around production or support issues.

As an example, here is how you would add support for Slack integration to the Logz.io cloud-based ELK Stack as a service.

How to Integrate ELK Alerts and Slack

This tutorial assumes you have a Slack account. If not, you can go to slack.com to add one. It’s free (up to a point)!

Step 1

Go to https://slack.com/apps and search for “Incoming WebHook”:

slack webhooks

Step 2

Select the account to which you want to send alerts:

incoming webhooks
 

Step 3

Click “Add Configuration”:

add slack configuration

Step 4

Choose the Slack channel where you want to receive alerts, and click “Add Incoming WebHooks Integration”:

choose slack channel

Step 5

Get your Webhook URL (which we will use in a second):

get webhooks url

Step 6

Log into your Logz.io account (or create a new one there). Under the “Alerts” tab, select “Alert Endpoints” and then click on “Create Endpoint”:

create endpoint

Step 7

Configure your endpoint:

  • Under “Type” select “Slack”
  • Under “Name” give your endpoint a unique one
  • Under “Description” tell yourself why and what is that endpoint
  • Under “URL” past the “Webhook URL” from Step 5

The form looks like this:

configure endpoint

Step 8

Save the endpoint and make sure it is working properly:

save endpoint

Step 9

Configure an alert, and select the desired endpoint(s) under “Notification Endpoints.” Alerts can now be sent to those Slack locations in addition to e-mail addresses or as standalone notifications:

configure an alert

Step 10

Wait for the alert to fire (as long as you have configured your log shipping to the Logz.io ELK properly, of course):

alert notification

Step 11

Be proud! Now, you can see all of your Logz.io ELK Stack alerts directly in your Slack feed along with your team messages and any other third-party integrations that you have created.

The Greater Context

Kibana was born as a humble diagnostic tool and has become the world’s most popular data visualization platform among DevOps engineers, site reliability engineers, and developers.

How do they use it? A Kibana dashboard contains numerous charts that each separately show the activity of an individual part of one’s environment. Any spike or trough in any visualization represents activity that needs to be checked.

In the past, the Kibana part of the open-source ELK Stack did not contain an alerting mechanism. We added one, and we have now integrated WebHooks and Slack as well — making Kibana the unparalleled visualization platform in the world.

Want to learn more about using the Logz.io ELK as a service platform with Slack and WebHooks integration?
Artboard Created with Sketch.

Leave a Reply

Your email address will not be published. Required fields are marked *

× Big News! Announcing Infrastructure Monitoring and our Cloud Observability Platform! Read more