New Relic webhook connections allow you to send alert results to New Relic as a custom event (Insight). You can learn more about the New Relic Insights custom events in their API Help.
Webhook connections rely on HTTP endpoints that tell Sumo Logic where to send data. You can set up any number of connections.
Set up a webhook connection for New Relic
You need the Manage connections role capability to create webhook connections.
- Go to Manage Data > Monitoring > Connections.
- On the Connections page click Add.
- Click New Relic.
- In the Create Connection dialog, enter the name of the connection.
- (Optional) Enter a Description for the connection.
- Enter the URL for the endpoint. See Create an API Key for New Relic Webhook.
- Under Insert Key, enter your API Key generated from New Relic Insights. See Create an API Key for New Relic Webhook.
- (Optional) Custom Headers, enter up to five comma separated key-value pairs.
- Customize your Payload to include any information you want to send from your scheduled search to New Relic. See Send Events to New Relic using a Webhook. For details on variables that can be used as parameters within your JSON object, see webhook payload variables.
- Click Save.
Create an API key for New Relic webhook
For the Endpoint and Insert Key fields of the webhook, you need to generate an API Key through the New Relic Insights UI:
- In your New Relic Insights account, under Manage Data, click API Keys.
- Click the Add button next to Insert Key.
- Use the Endpoint and Key values for your webhook fields.
- Enter an optional Description and click Save Your Notes to register the API Key.
Send Events to New Relic Insights using a Webhook
"client": "Sumo Logic",
Your payload must include "eventType" and "search_results" as parameters.
- eventType can be a combination of alphanumeric characters, underscores
_, and colons
:. Special characters are not allowed.
- search_results must include
ResultsJsonas a variable.
A maximum of 200 aggregate results or 10 raw messages for this field can be sent via webhook. For more information, see About Webhook Connections.
By default, a "timestamp" field will be applied in New Relic Insights when the event is received. To override this, you must specify "timestamp" as a field in your Sumo Logic query (as an unformatted Unix timestamp, in seconds or milliseconds relative to the Unix epoch). For example, if you would like your timeslice to be represented in New Relic as the timestamp, you may add the following to your query:
| timeslice 1m
| format ("%s",_timeslice) as timestamp
| count by timestamp