
Webhook Connection for SIGNL4

Webhook connections rely on HTTP endpoints that tell Sumo Logic where to send data.

Sumo Logic to SIGNL4 Integration

Sumo Logic alerts can send webhook alerts to SIGNL4, a mobile alerting and incident management solution that determines the right people to alert based on your on-call schedule, severity, and topic.

To add a Sumo Logic integration in SIGNL4, do the following:

  1. Go to the SIGNL4 Integration Hub.
  2. Select an existing webhook integration or create a new one for the Sumo Logic integration.
  3. In the integration tile, copy the URL, including the integration or team secret.

You'll need the webhook URL for Sumo Logic configuration, which you'll do in the next section.

You can find more information on the SIGNL4 site.

Configuration in Sumo Logic

In Sumo Logic, scheduled searches send alerts to other tools via webhook connections. To send alerts from Sumo Logic to SIGNL4:

  1. Create a Webhook Connection.
  2. Once you set up the webhook connection, you'll have the option to use it in a Scheduled Search or Monitor.

Create a Webhook Connection

Note: You need the Manage connections role capability to create webhook connections.

This section demonstrates how to create a webhook connection from Sumo Logic to SIGNL4.

To create a webhook:

  1. In Sumo Logic, go to Manage Data > Alerts > Connections.

  2. Click + Add and choose Webhook as connection type.

  3. For the name, enter Sumo Logic SIGNL4 and give an optional description to the connection.

  4. Paste the SIGNL4 webhook URL (from the step above) into the URL field.

  5. Enter the following content in the Alert Payload field:

    {
    "AlertName": "{{AlertName}}",
    "Description": "{{Description}}",
    "action": "create",
    "AlertURL": "{{AlertResponseURL}}",
    "Query": "{{Query}}",
    "QueryURL": "{{QueryURL}}",
    "TriggerTime": "{{TriggerTime}}",
    "TriggerTimeRange": "{{TriggerTimeRange}}",
    "TriggerCondition": "{{TriggerCondition}}",
    "TriggerValue": "{{TriggerValue}}",
    "TriggerType": "{{TriggerType}}",
    "ResultsJson": "{{ResultsJSON}}",
    "DetectionMethod": "{{DetectionMethod}}",
    "MonitorType": "{{MonitorType}}",
    "NumQueryResults": "{{NumQueryResults}}",
    "SourceURL": "{{SourceURL}}",
    "X-S4-ExternalID": "{{IncidentKey}}",
    "X-S4-Status": "new",
    "X-S4-SourceSystem": "SumoLogic"
    }

  6. Optionally, enter the following under Recovery Payload to close alerts in SIGNL4 when the incident is recovered in Sumo Logic:

      {
      "X-S4-ExternalID": "{{IncidentKey}}",
      "X-S4-Status": "resolved",
      "X-S4-SourceSystem": "SumoLogic"
      }

      Note: Do not update the X-S4-... fields, otherwise recovery notifications will not be generated.

  7. To test the connection, click Test Alert. If successful, you'll see a 201 OK response message.

  8. Click Save.
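A pre-save check for the Alert Payload and Recovery Payload from steps 5 and 6, added here as an example and not Sumo Logic or SIGNL4 code. It confirms that both templates parse as JSON and still carry the X-S4-... values shown on this page; the function name `lint_payloads` and the sample strings are assumptions made for the example.

```python
import json

# Values copied from the payloads on this page; the note says not to change them.
FIXED = {"X-S4-ExternalID": "{{IncidentKey}}", "X-S4-SourceSystem": "SumoLogic"}
STATUS = {"alert": "new", "recovery": "resolved"}


def lint_payloads(alert_text, recovery_text):
    """Return a list of problems; an empty list means both payloads pass."""
    problems = []
    for kind, text in (("alert", alert_text), ("recovery", recovery_text)):
        try:
            payload = json.loads(text)
        except json.JSONDecodeError as exc:
            problems.append(f"{kind}: invalid JSON at line {exc.lineno}: {exc.msg}")
            continue
        if not isinstance(payload, dict):
            problems.append(f"{kind}: payload must be a JSON object")
            continue
        expected = {**FIXED, "X-S4-Status": STATUS[kind]}
        for field, want in expected.items():
            got = payload.get(field)
            if got != want:
                problems.append(f"{kind}: {field} is {got!r}, expected {want!r}")
    return problems


# Constructed samples: the alert payload is shortened to a few of the page's fields.
GOOD_ALERT = """{
  "AlertName": "{{AlertName}}",
  "action": "create",
  "X-S4-ExternalID": "{{IncidentKey}}",
  "X-S4-Status": "new",
  "X-S4-SourceSystem": "SumoLogic"
}"""
GOOD_RECOVERY = """{
  "X-S4-ExternalID": "{{IncidentKey}}",
  "X-S4-Status": "resolved",
  "X-S4-SourceSystem": "SumoLogic"
}"""
# Constructed mistakes: ID template swapped in the alert, trailing comma in the recovery.
BAD_ALERT = GOOD_ALERT.replace("{{IncidentKey}}", "{{AlertName}}")
BAD_RECOVERY = GOOD_RECOVERY.replace('"SumoLogic"', '"SumoLogic",')

if __name__ == "__main__":
    for pair in ((GOOD_ALERT, GOOD_RECOVERY), (BAD_ALERT, BAD_RECOVERY)):
        print(lint_payloads(*pair) or "ok")
```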

Scheduled searches are saved searches that run automatically at specified intervals. When a scheduled search is configured to send an alert, it can be sent to another tool using a webhook connection.

To set up a scheduled search for a webhook connection, follow the steps in Schedule Searches for Webhook Connections.

Copyright © 2023 by Sumo Logic, Inc.