# Logz.io

[<mark style="color:blue;">Logz.io</mark>](https://logz.io/) allows engineers to look into their stack with powerful log, metric and tracing analytics based on the cloud-native tools they use.

Route detailed monitoring alerts from Logz.io to the right users in Squadcast.

### How to integrate Logz.io with Squadcast

### In Squadcast: Using Logz.io as an Alert Source

1. Navigate to **Services** -> **Service Overview** -> select or search for your Service. Expand the accordion -> In the Alert Sources section, click **Add**.

![](/files/ej4AI9zpOyFu5NZJCbwC)

2\. Select **Logz.io.** Copy the displayed **Webhook URL** to [configure](#in-logz.io-create-a-squadcast-webhook-alert) it within **Logz.io**. Finish by clicking **Add Alert Source** -> **Done.**

![](/files/box1IqIEzTzDzgwfLNS3)

{% hint style="warning" %}
**Important:**

When an alert source turns Active, it’ll show up under Configured Alert Sources, you can either generate a test alert from the integration or wait for a real-time alert to be generated by the Alert Source. An Alert Source is active if there is a recorded incident via that Alert Source for the Service.
{% endhint %}

### In Logz.io: Create a Squadcast webhook alert

**(1)** In the app, go to **Alerts & Events > Notification endpoints** to create the webhook

![](/files/kEAQjHJJPrZYLjk8SM1f)

**(2)** Click on **Add endpoint**

![](/files/QYppdFkgmePgRrSPYZqH)

**(3)** Fill in the form as shown below:

* **Type**: Custom
* **Name**: Squadcast Webhook
* **Description** (optional)
* **URL**: Paste the URL endpoint that was copied from Squadcast Service for Logz.io
* **Method**: POST
* Run the test to see if you received a test alert in Squadcast
* Click on **Save**

Find more details on how each of these parameters can be configured [here](https://docs.logz.io/user-guide/integrations/custom-endpoints.html)

![](/files/Edtqup9NneYWUO31ENGw)

```json
{
    "alert_title": "{{alert_title}}",
    "alert_description": "{{alert_description}}",
    "alert_severity": "{{alert_severity}}",
    "account_id": "{{account_id}}",
    "account_name": "{{account_name}}",
    "alert_samples": "{{alert_samples}}",
    "alert_tags_json": "[{{alert_tags_json}}]"
}
```

**(4)** Next, to create the alert itself, you can either:

* Go to **Alerts & Events > New Alert** or,
* Click on **Create Alert** from the **Kibana dashboard**

![](/files/37D1jliQyiqOYHM7qFfl)

Find more details on how each of these parameters can be configured [here](https://docs.logz.io/user-guide/alerts/configure-an-alert.html)

**(5)** Give the alert a **title**

Now, you will have to fill out the 3 sections:

(a) **Search for...** section:

* Either enter your **Search** query or verify that the query present is correct
* Choose to **Group By** certain fields
* Select **Accounts to Search**
* Choose to repeat this (by adding another query), join the queries, etc.

![](/files/nYI79PA3QoVaIbC2Q0xl)

**(5)** (b) **Trigger if...** section:

* Add **Trigger conditions** for the alert and add one or more thresholds for the trigger

![](/files/FGKXVTZYR1UHLzLBYYPK)

**(5)** (c) **Notify** section:

* Add a **Description** for the alert (which will be visible for these incidents in Squadcast)
* Associate **Tags** (if any)
* **Who to send it to** -> choose **Squadcast Webhook**
* Choose a **wait time** between notifications as needed
* **Output format** -> choose **JSON**
* You can choose to either send **all log fields** or **custom fields**

![](/files/wNjn3BgSGUUSecq4zN9j)

**(6)** Click on **Save**

![](/files/BjXpntEQ6NlVwC9HzQMZ)

That is it, you are now good to go! Whenever a log alert is triggered in Logz.io, an incident will be created automatically in Squadcast.

{% hint style="info" %}
**FAQ:**

Q: If an alert gets resolved in Logz.io, does Logz.io send auto-resolve signals to Squadcast?

A: No, Logz.io does not send auto-resolve signals to Squadcast. Hence, Squadcast incidents from Logz.io should be resolved manually.
{% endhint %}

*Have any questions?* [*Ask the community*](https://community.squadcast.com/view/home)*.*


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://support.incidents.cloud.solarwinds.com/integrations/alert-source-integrations-native/logzio.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.