An alert fired in Loggly can be sent to PagerDuty, which will then alert the appropriate individual?via SMS, phone, email, or iOS push.
Step 1. In PagerDuty
1. From the?Configuration?menu, select?Services.
2. On your Services page:
– If you are creating a new service for your integration, click?+ Add New Service.
– If you are adding your integration to an existing service, click the name of the service you want to add the integration to. Then click the?Integrations?tab and click the?+ New Integration?button.
3. Enter a name for the service, select Loggly?from the?Integration Type?menu and enter an?Integration Name.
If you are creating a new service for your integration, in General Settings, enter a?Name?for your new service. Then, in Incident Settings, specify the?Escalation Policy,?Notification Urgency, and?Incident Behavior?for your new service.
4. Click the?Add Service?or?Add Integration?button to save your new integration. You will be redirected to the Integrations page for your service.
5. Copy the?Integration Key?for your new integration:
Step 2. In Loggly
1. Click the?Alerts?tab at the top of the Loggly page.
2. Click?Add New?to create a new alert.
3. Enter the alert name, the criteria for the alert such as a Loggly saved search, and the threshold that determines when you want the alert to fire.
4. In the?Then?section, click the checkbox to?Send to an endpoint.
5. Click?Add New?to create a new alert endpoint.
6. Select?PagerDuty?in the dropdown box.
7. Enter the name of the endpoint and a description.
8.?Enter in the?Integration?Key?you copied from PagerDuty in the PagerDuty Step 5 into the API Key field.
9. Press?Save?to create the endpoint and return to the previous page.
10. For PagerDuty, you can enable the optional setting to auto resolve the incidents in PagerDuty when the alert condition clears:
11. Click on?Save?again on this page to save the alert.
Tip: If you want to create additional alerts using the same PagerDuty endpoint, just select the existing endpoint in the dropdown box on Loggly’s Alert setup page.
Step 3. Verify
Click on the?name?of the alert to edit the configuration.
Set the?threshold?to something that is guaranteed to fire, such as setting it to < 1. ?Save the alert when you’re done.
Wait at least?5?minutes for the alert to run and fire.
Log in to your PagerDuty account.
Click on?Services?and then select the service that’s used for monitoring Loggly.
You should see that an incident has been triggered.
7. Now that you have verified that it’s working, go back and reset your threshold criteria to the value you want your alert to fire on.
Advanced PagerDuty?Configuration Options
- In order to resolve?incidents automatically in PagerDuty please make sure to enable this option in your PagerDuty Alert: “When alert condition clears, mark the incident as resolved in PagerDuty”
- In order to?tie together?multiple PagerDuty services, use the following instruction: Once you have two Loggly/Generic API services within PagerDuty, create a new alert within Loggly. ?When configuring the alert endpoint, use the Service API Key from the second PagerDuty service.
If you don’t see any alerts show up please check the following:
- Verify the search that would trigger the alert has the required events by searching for them on the search tab.
- Wait for at least the duration you set as how often the alert runs
- Search or post questions in the?community forum.