Example: Monitoring Syslog events from a Humio integration

You can use Rsyslog with minimal configuration to send Syslog logs to Humio. The Rsyslog log processor is shipped with most popular Linux® distributions.

Procedure

  1. Follow the recommended configuration to forward all logs to Humio. For more information, see the Humio product documentation: https://docs.humio.com/integrations/data-shippers/rsyslog/.
  2. Create a webhook notifier to send events to Netcool® Operations Insight®, as described in steps 1 to 11 of Configuring Humio as an event source.
  3. Create an alert with the query syslogtag=* to monitor the logs in the Humio repository.
    1. On the Humio UI, select Search.
    2. Enter syslogtag=* in the field provided and click Run.
    3. Click Save as > Alert.
    4. Populate the alert fields, such as Name and Frequency. For Notifier, select the notifier that was just created.
    5. Click Save.