Configuring Humio as an event source

You can set up an integration with Netcool® Operations Insight® to receive alert information from Humio.

About this task

Using a webhook URL, alerts generated by Humio monitors are sent to Netcool Operations Insight as events.

Procedure

  1. Click Administration > Integrations with other systems.
  2. Click New integration.
  3. Go to the Humio tile and click Configure.
  4. Enter a name for the integration and click Copy Copy to add the generated webhook URL to the clipboard. Ensure you save the generated webhook to make it available later in the configuration process. For example, you can save it to a file.
  5. Click Save.
  6. On the Humio Repository UI, Go to Alerts > Notifiers > New Notifier.
  7. Set the Notifier type to Webhook.
    The Humio message body JSON template contains the information about the alert and the event(s) that triggered it:
    {
      "repository": "{repo_name}",
      "timestamp": "{alert_triggered_timestamp}",
      "alert": {
        "name": "{alert_name}",
        "description": "{alert_description}",
        "query": {
          "queryString": "{query_string} ",
          "end": "{query_time_end}",
          "start": "{query_time_start}"
        },
        "notifierID": "{alert_notifier_id}",
        "id": "{alert_id}"
      },
      "warnings": "{warnings}",
      "events": {events},
      "numberOfEvents": {event_count}
    }
  8. Set the HTTP Method to POST.
  9. For the Endpoint URL, paste the webhook URL that you copied in step 4.
  10. Set Content-Type to application/json.
  11. Click Create Notifier.
  12. On the Humio Repository UI, Go to Alerts > Alerts > New Alert.
  13. Populate the alert fields such as Name and Frequency. For Notifier, select the notifier that was just created.
  14. Click Save.