Skip to content

Files

Latest commit

yankevichdagitbook-bot
yankevichda
and
gitbook-bot
GITBOOK-1296: change request with no subject merged in GitBook
Jan 13, 2025
93c9931 · Jan 13, 2025

History

History
88 lines (54 loc) · 4.02 KB

kibana.md

File metadata and controls

88 lines (54 loc) · 4.02 KB
description
The ilert Kibana Integration helps you to easily connect ilert with Kibana.

Kibana Integration

Kibana is a powerful open-source analytics and visualization platform designed to work with Elasticsearch. It provides users with the tools to explore, visualize, and share insights into their data in real-time.

In ilert: Create an Kibana alert source

  1. Go to Alert sources --> Alert sources and click Create new alert source.

  2. Search for Kibana in the search field, click on the Kibana tile, and click Next.

  3. Give your alert source a name, optionally assign teams, and click Next.

  4. Select an escalation policy by creating a new one or assigning an existing one.

  5. Select your Alert grouping preference and click Continue setup. You may click Do not group alerts for now and change it later.

  6. The next page shows additional settings, such as customer alert templates or notification priority. Click on Finish setup for now.

  7. On the final page, an API key and/or webhook URL will be generated, which you will need later in this guide.

In Kibana: Create a connector

  1. On the sidebar, click on Connectors under the Alerts and Insights category.

  1. Now click on Create connector.

  1. Select Webhook.

  1. Enter a Connector name.
  2. Under Connector settings, enter the previously generated ilert Elasticsearch Kibana alert source URL into the URL field and change the Method to POST.
  3. Choose None under Authentication and enable Add HTTP header.
  4. Enter the following header -> key: Content-Type value: application/json
  5. Save the connector.

  1. Now, navigate to Rules under the Alerts and Insights category.

  1. Click on Create rule.

  1. Enter a name and select Webhook as the connector type.

  1. Choose the previous created ilert connector as Webhook connector.
  2. Enter the following payload into the Body field:

{% hint style="info" %} This payload contains mustache and is not valid for testing the connector. {% endhint %}

{
  "alert" : {{{ alert }}},
  "context" : {{{ context }}},
  "rule" : {{{ rule }}}
}

  1. Save the rule.

FAQ

Will alerts in ilert be resolved automatically?

No, unfortunately, Kibana is not compatible with ilert's resolve event.