Actions
Security Requirements and Controls
Change triggers and actions
permission
LogScale alerts and scheduled searches can be configured to trigger various actions to inform users or administrators of an issue. Different actions are available, for example to send an email or to copy a matching event to a new repository where it could be used as part of another dashboard. Triggers can be either Alerts or Scheduled Searches.
Perform the following activities with actions.
Actions can be created from scratch, from a template that has previously been exported, or based on an action defined within an existing package.
From the main
Actions
page you can view, duplicate, export or delete actions from the repository.
There are several tools and incident management platforms that may be used to get notified of a potential problem or to bring a situation to someone's attention. LogScale currently supports the following action types:
Sends an email using a template through email delivery services integrated with LogScale such as Postmark.
Action Type: Falcon LogScale Repository
Forwards matching events to another repository within the cluster.
You can integrate OpsGenie with LogScale so that triggered alerts can send emails or SMS messages, or other notifications.
With this alternative service, notifications can be sent automatically by phone call, SMS, push notifications and emails. Which type of action taken can be determined based on the alert triggered and other factors like the severity of the alert, the day of the week or time of day.
Slack is a popular internal chat system for many organizations. LogScale can be set to sent messages to your company's Slack account, to the chat room of your choice.
This action allows to upload the trigger events as a CSV file in LogScale.
Action Type: VictorOps (Splunk On-Call)
Another system for notifications with on-call scheduling, VictorOps may be accessed by an alert when triggered.
Can perform an HTTP(S) request to any URL and can therefore be used to integrate third-party services. Using webhooks is the best method for supporting custom actions that are not supported by any of the built-in options.