• Products
  • Get started
  • Documentation
  • Resources
Products
Get started
Documentation
Resources
Atlassian Support
/
Opsgenie
/
Resources
/
Integrate Opsgenie with your IT tools
/
Integrate Opsgenie with your tools

Integrate Opsgenie with Sumo Logic

Sumo Logic logo

What does Opsgenie offer Sumo Logic users?

Opsgenie provides a two-way integration with Sumo Logic. When an action happened at Opsgenie alerts, the webhook data will be forwarded to the Sumo Logic. Also, Sumo Logic sends webhook alerts to Opsgenie which acts as a dispatcher for these alerts and determines the right people to notify based on on-call schedules– notifies via email, text messages (SMS), phone calls, and iPhone & Android push notifications, and escalates alerts until the alert is acknowledged or closed.

Functionality of the integration

  • When an alert is created in Sumo Logic, an alert will be created automatically in Opsgenie.

  • When an alert action happened in Opsgenie, the webhook payload will be sent to Sumo Logic.

Add Sumo Logic integration in Opsgenie

  1. Go to Opsgenie's Sumo Logic Integration page.

Under the Free and Essentials plans, the tabs under the Team dashboard are limited to Main, Integrations, Members, and Activity Stream.

2. Specify who is notified of Sumo Logic alerts using the Teams field. Auto-complete suggestions are provided as you type.

An alternative for Step 1) and Step 2) is to add the integration from the Team Dashboard of the team which will own the integration. To add an integration directly to a team, navigate to the Team Dashboard and open Integrations tab. Click Add Integration and select the integration that you would like to add.

3. Copy the URL to use in Sumo Logic.

4. To forward alert data to Sumo Logic activate Opsgenie to Sumo Logic field and fill the collector URL which is provided from Sumo Logic.

5. Click Save Integration.

Sumo Logic save integration

Configuration on Sumo Logic

In Sumo Logic, scheduled searches send alerts to other tools via Webhook connections. To send alerts from Sumo Logic to Opsgenie, create a Webhook first and use it in a scheduled search configuration.

Create Webhook

  1. In Sumo Logic, open Manage Data -> Settings -> Connections.

  2. Click + Add and choose Webhook as connection type.

  3. Populate the name as "Opsgenie" and give an optional description to the connection.

  4. Paste the URL copied previously into the "URL" field.

  5. Populate "Payload" field with the following content:

JSON

1 2 3 4 5 6 7 8 9 10 11 12 { "searchName": "{{SearchName}}", "searchDescription": "{{SearchDescription}}", "searchQuery": "{{SearchQuery}}", "searchQueryUrl": "{{SearchQueryUrl}}", "timeRange": "{{TimeRange}}", "fireTime": "{{FireTime}}", "rawResultsJson": "{{RawResultsJson}}", "numRawResults": "{{NumRawResults}}", "priority" : "P3", "aggregateResultsJson" : "{{AggregateResultsJson}}" }

6. Click Save.

Create Webhook Connection

Configure Scheduled Search

  1. In the desired search screen to schedule, click Save As under the query currently displayed in the search box.

  2. In the "Save Search As" dialog box, enter a name for the search and an optional description.

  3. Choose an option from the Time Range menu.

  4. Click Schedule this search.

  5. Choose an option from the "Run Frequency" menu.

  6. For Alert Type, choose "Webhook" to upload search results to your connection.

  7. Select "Opsgenie" connection from the Webhook connections list.

  8. Click Save.

Configure Scheduled Search

Sample payload sent from Sumo Logic

JSON

1 2 3 4 5 6 7 8 9 10 11 12 { "searchName": "Reporting Hosts", "searchDescription": "Cem", "searchQuery": "_sourceCategory=linux/system | parse regex \"\\d+\\s+\\d+:\\d+:\\d+\\s(?<dest_hostname>\\S+)\\s(?<process_name>\\w*)(?:\\[\\d+\\]|):\\s+\" | count_distinct(dest_hostname) as _hostCount", "searchQueryUrl": "https://service.eu.sumologic.com/ui/index.html#/search/1NJLAwKvQOkwHOyhfkd1wfuI1dXqUFhf0vrf7XnR2XvYWT6LOMeOO4nW1babPnhkAzfnETUgU5dlvJNU8ALz9UIv6SYhR6gvxHVX4UjUaUa8314H8ALCL2gXyoSt0Ivr", "timeRange": "2019-03-18 13:28:45 EET - 2019-03-18 13:33:45 EET", "fireTime": "2019-03-18 13:34:17 EET", "rawResultsJson": "", "numRawResults": "1", "priority": "P3", "aggregateResultsJson": "[{\"Hostcount\":1}]" }

Sample format for search results dynamic field

From a raw results json sent in Sumo Logic payload, in this format:

JSON

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 [ { "Category": "logfile", "Collector": "Tuba-MacBook-Pro.local", "Host": "Tuba-MacBook-Pro.local", "Message": "test log message1", "Name": "request.log", "Time": 1448545024149 }, { "Category": "logfile", "Collector": "Tuba-MacBook-Pro.local", "Host": "Tuba-MacBook-Pro.local", "Message": "test log message2", "Name": "request.log", "Time": 1448545028149 } ]

The result in this format is generated:

Text

1 2 3 4 5 6 7 8 9 10 11 12 Search Results: 1- Time: 11/26/2015 01:37:04 Message: test log message1 Host: Tuba-MacBook-Pro.local Name: request.log Category: logfile 2- Time: 11/26/2015 01:37:08 Message: test log message2 Host: Tuba-MacBook-Pro.local Name: request.log Category: logfile

 

Last modified on Feb 10, 2021
Cached at 8:52 PM on Apr 10, 2021 |

Additional Help

Ask the Community
On this pageWhat does offer users?Functionality of the integrationAdd integration in Configuration on Sample payload sent from Sample format for search results dynamic field
CommunityQuestions, discussions, and articles