# Alert & Audit integrations The Agent can send out alerts and audits events. Once you have configured alert and audit connections, you can create alert and audit channels to route events to them. {% hint style="info" %} See [JSON schema](https://docs.lenses.io/latest/deployment/configuration/overview#json-schema-support) for support. Environment variables are supported; escape the dollar sign ```yaml sslKeystorePassword: value: "\${ENV_VAR_NAME}" ``` {% endhint %} {% hint style="danger" %} Names must match be alphanumeric or dash non-empty string. {% endhint %} ## **Alerts** ### DataDog {% code title="provisioning.yaml" %} ```yaml datadog: - name: my-datadog-connection version: 1 tags: [tag1, tag2] configuration: # The Datadog site. site: value: # The Datadog API key. apiKey: value: # The Datadog application key. applicationKey: value: ``` {% endcode %} ### AWS CloudWatch See [AWS ](https://docs.lenses.io/latest/deployment/configuration/agent/automation/aws)connection. ### PagerDuty {% code title="provisioning.yaml" %} ```yaml pagerduty: - name: my-pagerduty-connection version: 1 tags: [tag1, tag2] configuration: # An Integration Key for PagerDuty's service with Events API v2 integration type. integrationKey: value: ``` {% endcode %} ### Slack {% code title="provisioning.yaml" %} ```yaml slack: - name: my-slack-connection version: 1 tags: [tag1, tag2] configuration: # The Slack endpoint to send the alert to. webhookUrl: value: ``` {% endcode %} ### Alert Manager {% code title="provisioning.yaml" %} ```yaml alertManager: - name: my-alertmanager-connection version: 1 tags: [tag1, tag2] configuration: # Comma separated list of Alert Manager endpoints. endpoints: value: ``` {% endcode %} ### Webook (Email, SMS, HTTP and MS Teams) {% code title="provisioning.yaml" %} ```yaml webhook: - name: my-webhook-alert-connection version: 1 tags: [tag1, tag2] configuration: # The host name for the HTTP Event Collector API of the Splunk instance. host: value: # The port number for the HTTP Event Collector API of the Splunk instance. (int) port: value: # Set to true in order to set the URL scheme to https. # Will otherwise default to http. useHttps: value: # An array of (secret) strings to be passed over to alert channel plugins. creds: value: - - ``` {% endcode %} ## **Audits** ### Webhook {% code title="provisioning.yaml" %} ```yaml webhook: - name: my-webhook-audit-connection version: 1 tags: [tag1, tag2] configuration: # The host name for the HTTP Event Collector API of the Splunk instance. host: value: # The port number for the HTTP Event Collector API of the Splunk instance. (int) port: value: # Set to true in order to set the URL scheme to https. # Will otherwise default to http. useHttps: value: # An array of (secret) strings to be passed over to alert channel plugins. creds: value: - - ``` {% endcode %} ### Splunk {% code title="provisioning.yaml" %} ```yaml splunk: - name: my-splunk-connection version: 1 tags: [tag1, tag2] configuration: # The host name for the HTTP Event Collector API of the Splunk instance. host: value: # The port number for the HTTP Event Collector API of the Splunk instance. (int) port: value: # Use TLS. Boolean, default false useHttps: value: # This is not encouraged but is required for a Splunk Cloud Trial instance. Bool insecure: value: # HTTP event collector authorization token. (string) token: value: ``` {% endcode %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.lenses.io/latest/deployment/configuration/agent/automation/alert-and-audit-integrations.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.