Alert & Audit integrations

Connect the Lenses Agent to your alerting and auditing systems.

The Agent can send out alerts and audits events. Once you have configured alert and audit connections, you can create alert and audit channels to route events to them.

See JSON schema for support.

Environment variables are supported; escape the dollar sign

sslKeystorePassword:
  value: "\${ENV_VAR_NAME}"

Names must match be alphanumeric or dash non-empty string.

Alerts

DataDog

provisioning.yaml

datadog:
- name: my-datadog-connection
  version: 1
  tags: [tag1, tag2]
  configuration:
    # The Datadog site.
    site:
      value:
    # The Datadog API key.
    apiKey:
      value:   
    # The Datadog application key.
    applicationKey:
      value:

AWS CloudWatch

See AWS connection.

PagerDuty

provisioning.yaml

pagerduty:
- name: my-pagerduty-connection
  version: 1
  tags: [tag1, tag2]
  configuration:
    # An Integration Key for PagerDuty's service with Events API v2 integration type.
    integrationKey:
      value:

Slack

provisioning.yaml

slack:
- name: my-slack-connection
  version: 1
  tags: [tag1, tag2]
  configuration:
    # The Slack endpoint to send the alert to.
    webhookUrl:
      value:

Alert Manager

provisioning.yaml

alertManager:
- name: my-alertmanager-connection
  version: 1
  tags: [tag1, tag2]
  configuration:
    # Comma separated list of Alert Manager endpoints.
    endpoints:
      value:

Webook (Email, SMS, HTTP and MS Teams)

provisioning.yaml

webhook:
- name: my-webhook-alert-connection
  version: 1
  tags: [tag1, tag2]
  configuration:
    # The host name for the HTTP Event Collector API of the Splunk instance.
    host:
      value: 
    # The port number for the HTTP Event Collector API of the Splunk instance. (int)
    port:
      value:  
    # Set to true in order to set the URL scheme to https. 
    # Will otherwise default to http.
    useHttps:
      value:
    # An array of (secret) strings to be passed over to alert channel plugins.
    creds:
      value:
        - 
        -

Audits

Webhook

provisioning.yaml

webhook:
- name: my-webhook-audit-connection
  version: 1
  tags: [tag1, tag2]
  configuration:
    # The host name for the HTTP Event Collector API of the Splunk instance.
    host:
      value: 
    # The port number for the HTTP Event Collector API of the Splunk instance. (int)
    port:
      value:  
    # Set to true in order to set the URL scheme to https. 
    # Will otherwise default to http.
    useHttps:
      value:
    # An array of (secret) strings to be passed over to alert channel plugins.
    creds:
      value:
        - 
        -

Splunk

provisioning.yaml

splunk:
- name: my-splunk-connection
  version: 1
  tags: [tag1, tag2]
  configuration:
    # The host name for the HTTP Event Collector API of the Splunk instance.
    host:
      value: 
    # The port number for the HTTP Event Collector API of the Splunk instance. (int)
    port:
      value:  
    # Use TLS. Boolean, default false
    useHttps:
      value:
    # This is not encouraged but is required for a Splunk Cloud Trial instance. Bool
    insecure:
      value:
    # HTTP event collector authorization token. (string)
    token:
      value:

PreviousAWS NextInfrastructure JMX Metrics

Last updated 3 months ago

Was this helpful?

Good night

hashtagAlerts

hashtagDataDog

hashtagAWS CloudWatch

hashtagPagerDuty

hashtagSlack

hashtagAlert Manager

hashtagWebook (Email, SMS, HTTP and MS Teams)

hashtagAudits

hashtagWebhook

hashtagSplunk

Alerts

DataDog

AWS CloudWatch

PagerDuty

Slack

Alert Manager

Webook (Email, SMS, HTTP and MS Teams)

Audits

Webhook

Splunk