Actions

LogScale alerts and scheduled searches can be configured to trigger various actions to inform users or administrators of an issue. Different actions are available, for example to send an email or to copy a matching event to a new repository where it could be used as part of another dashboard. Triggers can be either Alerts or Scheduled Searches.

There are several tools and incident management platforms that may be used to get notified of a potential problem or to bring a situation to someone's attention.

LogScale currently supports the following tools and action types:

  • Action Type: Email

    Sends an email using a template.

  • Action Type: Falcon LogScale Repository

    Forwards matching events to another repository within the cluster.

  • Action Type: OpsGenie

    You can integrate OpsGenie with LogScale so that triggered alerts can send emails, SMS messages, or other notifications.

  • Action Type: PagerDuty

    With this alternative service, notifications can be sent automatically by phone call, SMS, push notifications and emails. Which type of action is taken can be determined based on the alert triggered and other factors like the severity of the alert, the day of the week or time of day.

  • Action Type: Postmark

    This is an email delivery service that may be integrated with LogScale to send messages to specific members of your staff, depending on which alert is triggered and when it happens — in relation to the on-call schedule of your people.

  • Action Type: Slack

    Slack is a popular internal chat system for many organizations. LogScale can be set to send messages to your company's Slack account, to the chat room of your choice.

  • Action Type: Upload File

    This action allows you to upload the trigger events as a CSV file in LogScale.

  • Action Type: VictorOps (Splunk On-Call)

    Another system for notifications with on-call scheduling, VictorOps may be accessed by an alert when triggered.

  • Action Type: Webhooks

    Can perform an HTTP(S) request to any URL and can therefore be used to integrate third-party services. Using webhooks is the best method for supporting custom actions that are not supported by any of the built-in options.