Loggly Integration Guide

Loggly is the world’s most popular cloud-based log management service. It aggregates logs across your entire infrastructure and provides a single interface to search, isolate the root cause of problems, and monitor trends. An alert fired in Loggly can be sent to PagerDuty, which will then alert the appropriate technician via SMS, phone, email, or iOS push.

In PagerDuty

  1. From the Configuration menu, select Services.
  2. On your Services page: If you are creating a new service for your integration, click +Add New Service. If you are adding your integration to an existing service, click the name of the service you want to add the integration to. Then click the Integrations tab and click the +New Integration button.

  1. Select your app from the Integration Type menu and enter an Integration Name. If you are creating a new service for your integration, in General Settings, enter a Name for your new service. Then, in Incident Settings, specify the Escalation Policy, Notification Urgency, and Incident Behavior for your new service.
  2. Click the Add Service or Add Integration button to save your new integration. You will be redirected to the Integrations page for your service.
  3. Copy the Integration Key for your new integration.

In Loggly

  1. Click the Alerts button at the top of the Loggly page.

  2. Click Add New to create a new alert.

  3. Enter the alert name, the criteria for the alert such as a Loggly saved search, and the threshold that determines when you want the alert to fire.

  4. In the Then section, click the checkbox for Send To An Endpoint.

  5. Click Add New to create a new alert endpoint.

  6. Select PagerDuty in the dropdown box.

  7. Enter the name of the endpoint and a description.

  8. Enter the Integration Key you copied from PagerDuty in Step #3 of the In PagerDuty section.

  9. Press Save to create the endpoint, then Save again to save the alert.

  10. If you want to create additional alerts using the same PagerDuty endpoint, just select the existing endpoint in the dropdown box on Loggly’s Alert setup page.

Verify that Loggly and PagerDuty are Communicating

You can verify that they are communicating by triggering a test alert.

  1. Click on the name of the alert to edit the configuration.

  2. Set the threshold to something that is guaranteed to fire, such as setting it to < 1.  Save the alert when you’re done.

  3. Wait at least 5 minutes for the alert to run and fire.

  4. Log in to your PagerDuty account.

  5. Click on Services and then select the service that’s used for monitoring Loggly.

  6. You should see that an incident has been triggered.

  7. Now that you have verified that it’s working, go back and reset your threshold criteria to the original value you want your alert to fire on.

FAQ

Will Loggly incidents automatically resolve?

Yes, you can optionally configure Loggly to resolve PagerDuty incidents when an alert condition clears.

How can I set up Loggly to be tied to multiple PagerDuty services?

Once you have two Loggly/Generic API services within PagerDuty, create a new alert within Loggly.  When configuring the alert endpoint, use the Service API Key from the second PagerDuty service.

If you are having trouble completing the installation, please contact our support.