
Logz.io

Integrating with Logz.io

Integrating with Logz.io Using a Web Collector

Logz.io provides log analysis software based on the world’s most popular open-source log management platform, ELK (Elasticsearch, Logstash and Kibana), as an enterprise-grade service with alerting, Live Tail, automatic data parsing, AWS S3 archiving, built-in dashboards and critical events prediction in real-time.
Logz.io enables you to leverage natively-integrated alerts with your ELK Stack. Alerts can be sent to SignifAI as generic webhooks.
The SignifAI Web Collector integrates with Logz.io alert notifications to give you fast correlation and root-cause detection for events happening across your applications and infrastructure.
The SignifAI Insights & Answers™ engine processes all of your Logz.io alerts and provides you with more insightful information coming from all your other monitoring tools.

Web Collection Installation

First, make sure you have Admin access to your Logz.io console.

  1. You will need to create a new alert based on a search term in Logz.io. Creating a new alert in Logz.io is done from the “Discover” tab in Kibana. Enter your query in the “Search” field.
  2. Once you’ve narrowed down the type of log message on which you want to be alerted, click the “Create Alert” button. The query is copied to the Alert Creation Wizard, where it can be modified as needed.

On the first page of the wizard, you will need to configure the trigger conditions.
Then, after naming and describing the alert on the following page, you will set a trigger.

  3. In the final step, add a new End Point and select the Custom type.
  4. Copy the Web Collector URL from the SignifAI Sensor section into the URL field in Logz.io.
  5. Switch the Method to "POST".
  6. Last, copy and paste the following template into the Body section. Note: SignifAI supports the default template and also adds an option to include the name of the application reporting the alert.
    Adding the application name attribute will allow you to automatically correlate not only based on the default attributes but also based on a common application name between all your other systems.

Custom Template:

{
  "alert_title": "{{alert_title}}",
  "alert_description": "{{alert_description}}",
  "alert_severity": "{{alert_severity}}",
  "alert_event_samples": "{{alert_event_samples}}",
  "alert_application_name": "appname - will be set manually by the user"
}
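A pre-flight check for the Body template above, written for this guide as an added example (it is not SignifAI or Logz.io code). The page does not say how Logz.io escapes substituted values, so the check renders the template both with and without JSON escaping; the sample alert values and the application name are constructed.

```python
import json
import re

# Custom Template exactly as given on this page.
TEMPLATE = """{
  "alert_title": "{{alert_title}}",
  "alert_description": "{{alert_description}}",
  "alert_severity": "{{alert_severity}}",
  "alert_event_samples": "{{alert_event_samples}}",
  "alert_application_name": "appname - will be set manually by the user"
}"""
APP_PLACEHOLDER = "appname - will be set manually by the user"
PLACEHOLDER = re.compile(r"\{\{(\w+)\}\}")
EXPECTED_KEYS = {"alert_title", "alert_description", "alert_severity",
                 "alert_event_samples", "alert_application_name"}

# Constructed sample alert; the event samples contain quotes and a newline.
SAMPLE = {
    "alert_title": "Disk usage above 90%",
    "alert_description": "Root volume filling up on web tier",
    "alert_severity": "HIGH",
    "alert_event_samples": '{"host": "web-01", "msg": "disk full"}\n{"host": "web-02"}',
}

def json_escape(value):
    """JSON-escape a value for use inside an already-quoted string."""
    return json.dumps(str(value))[1:-1]

def with_app_name(template, app_name):
    """Replace the page's manual application-name placeholder."""
    return template.replace(APP_PLACEHOLDER, json_escape(app_name))

def render(template, values, escape=True):
    """Fill {{name}} placeholders; escape=False mimics raw text substitution."""
    def fill(match):
        raw = str(values[match.group(1)])
        return json_escape(raw) if escape else raw
    return PLACEHOLDER.sub(fill, template)

def check_body(body):
    """Return (ok, detail) for a rendered webhook body."""
    try:
        doc = json.loads(body)
    except json.JSONDecodeError as exc:
        return False, "invalid JSON: " + exc.msg
    if not isinstance(doc, dict) or set(doc) != EXPECTED_KEYS:
        return False, "unexpected key set"
    stale = sorted(k for k, v in doc.items()
                   if PLACEHOLDER.search(str(v)) or v == APP_PLACEHOLDER)
    return (False, "unfilled: " + ", ".join(stale)) if stale else (True, "ok")
```

If the raw rendering fails for your own sample events, send a test alert and confirm the body arrives as valid JSON before relying on the endpoint.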

Alert Event Samples

Logz.io attaches up to 5 event samples to each alert. SignifAI semantically analyzes the text and correlates those samples as well. This means that SignifAI can infer additional correlation and detection from the samples and not only from the alert title or description.

Incident Auto Closing

Logz.io incidents are not closed automatically because Logz.io does not send notifications when alerts are resolved. SignifAI will automatically close any incident if no new events are triggered within the auto close window time parameter. In addition, any SignifAI issue that is marked as "I Fixed It" will be closed immediately.

Need Help With The Integration?

Contact us at: support@signifai.io and we will be happy to help.
