Graylog Integration Guide

Graylog is a leading centralized log management solution built to open standards for capturing, storing, and enabling real-time analysis of terabytes of machine.

What can Xurrent IMR do for Graylog users?

With the Graylog Integration, Xurrent IMR sends new Graylog conditional alerts to the right team and notifies them based on on-call schedules via email, text messages (SMS), phone calls (Voice), Slack, Microsoft Teams and iOS & Android push notifications, and escalates alerts until the alert is acknowledged or closed. Xurrent IMR provides your application engineers with detailed context around the Graylog alert along with playbooks and a complete incident command framework to triage, remediate and resolve incidents with speed.

Whenever a condition on Graylog is met, Xurrent IMR will create an incident.

You can also use Alert Rules to route specific Graylog alerts to specific users, teams or escalation policies, write suppression rules, and automatically add notes, responders and incident tasks.

To integrate Graylog with Xurrent IMR, complete the following steps:

In Xurrent IMR:

  1. To add a new Graylog integration, go to Teams on Xurrent IMR and click on the team you want to add the integration to.
  2. Next, go to Services and click on the relevant Service.
  3. Go to Integrations and then Add New Integration. Give it a name and select the application Graylog from the dropdown menu.
  4. Go to Configure under your Integrations and copy the Webhook URL generated.

In Graylog:

  1. Log in to Graylog. Go to Notification Channels -> Add New Channel. Select type as Webhook.
  2. Select Inputs under the Systems drop-down menu. From the Select Input drop-down list, select Syslog UDP and click on Launch New Input.
  3. Select the Node and enter the title of the input and save it.
  4. Click on Alerts from the menu. Select Conditions from the Manage Alert Conditions section.
  5. Select Message Count Condition from the Condition type drop-down list and Add alert.
  6. Enter the title of the alert, set the time range and threshold type. Set the threshold value, grace period, message backlogs and save.
  7. Click on Notifications under the Manage Alert Conditions section.
  8. Click on Add New Notification. Select HTTP Alarm Callback under the Notification type drop-down list.
  9. Enter the title of the notification and under URL, paste the copied link.
  10. Graylog is now integrated and Xurrent IMR will create incidents from the alerts.
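
Because the message backlog set on the alert condition travels inside every HTTP Alarm Callback, it is worth checking what log content would leave Graylog before the webhook URL goes live. The script below is an added example, not code from Xurrent IMR or Graylog. It assumes the callback body uses the `check_result` / `matching_messages` / `stream` JSON layout of Graylog's legacy HTTP alarm callback (confirm against a body captured from your version); the sample payload, the `audit_callback` name and the patterns are constructed for illustration.

```python
import json
import re

# Constructed sample body, laid out like the JSON that Graylog's legacy
# HTTP Alarm Callback posts (assumption: confirm against your Graylog version).
SAMPLE_CALLBACK = json.dumps({
    "check_result": {
        "result_description": "Stream had 3 messages in the last 1 minutes",
        "triggered": True,
        "triggered_condition": {"type": "message_count", "backlog": 2},
        "matching_messages": [
            {"source": "web01", "message": "login failed for alice password=hunter2"},
            {"source": "web01", "message": "GET /health 200"},
        ],
    },
    "stream": {"title": "auth-errors"},
})

# Illustrative patterns only; extend them for the secrets your logs can contain.
SENSITIVE = {
    "credential": re.compile(
        r"(?i)\b(password|passwd|secret|token|api[_-]?key)\s*[=:]\s*\S+"),
    "bearer": re.compile(r"(?i)\bauthorization:\s*bearer\s+\S+"),
}

def audit_callback(body: str) -> dict:
    """Report what a callback body would disclose to the webhook receiver."""
    payload = json.loads(body)
    result = payload.get("check_result", {})
    # The backlog is the list of raw log messages attached to the alert.
    backlog = result.get("matching_messages") or []
    findings = []
    for index, msg in enumerate(backlog):
        text = str(msg.get("message", ""))
        for label, pattern in SENSITIVE.items():
            if pattern.search(text):
                findings.append((index, label))
    return {
        "stream": payload.get("stream", {}).get("title"),
        "condition": result.get("triggered_condition", {}).get("type"),
        "backlog_messages": len(backlog),
        "findings": findings,  # (backlog index, pattern label) pairs
    }

if __name__ == "__main__":
    print(audit_callback(SAMPLE_CALLBACK))
```

If the audit reports findings, lower the message backlog on the condition or filter those fields at the input before pasting the webhook URL.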