Skip to main content
Sumo Logic

Webhook Connection for New Relic

New Relic webhook connections allow you to send alert results to New Relic as a custom event (Insight). You can learn more about the New Relic Insights custom events in their API Help.

Webhook connections rely on HTTP endpoints that tell Sumo Logic where to send data. You can set up any number of connections.

Set up a webhook connection for New Relic

  1. Go to Manage Data > Alerts > Connections.
  2. On the Connections page click Add.
  3. Click New Relic.
  4. In the Create Connection dialog, enter the name of the connection.
  5. (Optional) Enter a Description for the connection.
  6. Enter the URL for the endpoint (see Create an API Key for New Relic Webhook below):
  7. Under Insert Key, enter your API Key generated from New Relic Insights (see Create an API Key for New Relic Webhook below).
  8. (Optional) Custom Headers, enter up to five comma separated key-value pairs.
  9. Customize your Payload to include any information you want to send from your scheduled search to New Relic (see Send Events to New Relic using a Webhook). For details on variables that can be used as parameters within your JSON object, see webhook payload variables.
  10. Click Save.

Create an API key for New Relic webhook

For the Endpoint and Insert Key fields of the webhook, you need to generate an API Key through the New Relic Insights UI:

  1. In your New Relic Insights account, under Manage Data, click API Keys.
  2. Click the Add button next to Insert Key.
  3. Use the Endpoint and Key values for your webhook fields.
  4. Enter an optional Description and click Save Your Notes to register the API Key.

Create a scheduled search

Scheduled searches are saved searches that run automatically at specified intervals. When a scheduled search is configured to send an alert, it can be sent to a connection via a webhook to New Relic. The results of your search are saved as a custom event in New Relic Insights, which allows you to query and visualize your search results.

You can create a brand new search, or you can base a search on an existing saved or scheduled search. If you'd like to use an existing search, you'll need to save the query as a new search to not override the search's current schedule. For instructions, see Scheduled Searches for Webhook Connections.

Before setting up a scheduled search for Webhooks, configure a Webhook Connection.

Send Events to New Relic Insights using a Webhook

You can use a webhook to send events to New Relic Insights by using the following payload.

    "eventType": "{{SearchName}}", 
    "description": "{{SearchDescription}}", 
    "client": "Sumo Logic", 
    "search_url": "{{SearchQueryUrl}}", 
    "num_records": "{{NumRawResults}}", 
    "search_results": "{{AggregateResultsJson}}" 

Your payload must include "eventType" and "search_results" as parameters.

  • For "eventType", the SearchName can be a combination of alphanumeric characters, underscores _, and colons :. Special characters are not allowed.
  • For "search_results," you must use either AggregateResultsJson or RawResultsJson as a variable.

A maximum of 200 results can be sent for AggregateResultsJson, and 10 results for RawResultsJson. For more information, see About Webhook Connections.

By default, a "timestamp" field will be applied in New Relic Insights when the event is received. To override this, you must specify "timestamp" as a field in your Sumo Logic query (as an unformatted Unix timestamp, in seconds or milliseconds relative to the Unix epoch). For example, if you would like your timeslice to be represented in New Relic as the timestamp, you may add the following to your query:

| timeslice 1m
| format ("%s",_timeslice) as timestamp
| count by timestamp