Log Insight customers have often shared with us that they have a need to send alerts through webhooks to various services hosted outside of their intranet, for example Slack or PagerDuty. In order to set this up customers need to provide direct internet access to vRealize Log Insight appliance(s) or configure redirection at the network level, which isn’t convenient and often makes their security teams uncomfortable. To fix this issue Log Insight will now have proxies for webhooks implemented in vRealize Log Insight with configuration exposed via UI and REST API.
Web proxy configuration will be stored in internal configuration and distributed internally among the cluster nodes like other internal config parameters.
In order to use this feature in Log Insight you will need admin level user permissions:
Firstly, create a new proxy under Configuration \ Proxy
- Next enter the details of the proxy :
- name – required
- host – required
- port – required
- username – optional
- password – optional
- Test and Save the proxy.
- Add your proxy to the webhook configuration under Alerts \ Webhook
- Select Test Alert to test the proxy. Note – Certificate for the endpoint and for the proxy itself, both have to be trusted for the connection to succeed.
- Now your webhook with proxy is ready for use in alert notifications
When setting up your webhook configuration you have the option to select Log Payload as Individual Logs or Log Stream
The Logs section in the received notification will show the log message(s) that triggered the alert at the endpoint.
The Log Insight team is always open to suggestions and improvements based on your feedback, so do give this feature a try and provide feedback via official channels if any …!