Tines Alerts

LogScale supports sending events to Tines through webhooks.

Using a webhook, an alert in LogScale can send a notification to Tines, which in turn can generate a message to your staff or perform other actions available through their service.

To receive events from LogScale in Tines, you will need to set up a webhook agent. In Tines:

  1. Open an existing story or create a new story in your Tines tenant.

  2. Drag a new Webhook action from the Actions section onto the storyboard.

  3. Click on the Summary tab in the Action panel on the right side of the storyboard.

  4. Copy the Webhook URL.

In LogScale:

  1. Choose your repository.

  2. Navigate to AlertsActionNew Action

  3. Select Webhook for the Action Type.

  4. Name it Tines Action and paste your URL in the Endpoint URL box.

  5. Leave the rest of the fields default, and click Create Action.

  6. Go to AlertsNew Alerts.

  7. Type in the query you require, name it, and set your throttle period.

  8. Click Create Alert.

  9. The Alert you just created will now appear in the Alerts window.

Tines Automation

Figure 75. Tines Automation


Wait for the Alert to trigger.

Then, back in Tines:

  1. Click on the Webhook action you created earlier.

  2. Click on the Events tab in the Action panel to view your recent event. You can click Update if it isn't automatically there.

  3. Click Show to view the event details. You should see something like:

javascript
{
   "webhook_agent" : {
     "alert" : {
         "description" : "",
         "id" : "cx7xIdcYMNqZduOcDryndfphKSayyBgm",
         "name" : "Tines Alert",
         "notifierID" : "N9DAw1Q6bPaxgRoexv94Qfc3HmaTPzbg",
         "query" : {
            "end" : "now",
            "queryString" : "* ",
            "start" : "1m"
         }
      },
      "events" : [
         {
            "#repo" : "Testing",
            "#type" : "kv",
            "@id" : "zZvht1UVROc92nnXtQDDBshD_0_1_1582059199",
            "@rawstring" : "hello=tines",
            "@timestamp" : 1582059199976,
            "@timezone" : "Z",
            "hello" : "tines"
         }
      ],
      "numberOfEvents" : 1,
      "repository" : "Testing",
      "timestamp" : "2020-02-18T20:53:20.546Z",
      "warnings" : ""
   }
}

To create a notification:

  1. Drag a new Event Transform action onto the storyboard.

  2. Connect the Webhook action you created earlier to this Event Transform action

  3. Click on the Build tab for the Event Transform action

  4. Set the Mode to explode

  5. Set the path to webhook_action.events

javascript
{
 "mode": "explode",
 "path": "{{.webhook_agent.events}}",
 "to": "event"
}

Now you can connect your event transformation agent to any of your other workflows in Tines.

Tines Workflow

Figure 76. Tines Workflow