Welcome to This Week in Log Management!
Every week we get many great questions through support, the community, social media, and our weekly demo. On Fridays, I like to share the most common questions and answers, tips, insights, a closer look at Graylog, interviews, etc.
If you have any questions for me, drop them on Twitter, and I’ll do my best to fold them into upcoming Friday posts. Our handle is @graylog2.
Can I send a Graylog Alert to Discord?
This is a great question. The answer is yes. You can send Graylog alerts via email, text, or Slack, and now Discord. Yes Discord!
The growth and use of Discord has transformed from just many Gaming users to businesses using it as a communication platform. Many businesses like: Gaming Developers, Publishers, Journalists, Community and Event Organizers use Discord. Discord lets Gamer Developers work in teams with each other on their projects. These types of DevOPS environments can use Centralized Log Management from Graylog to monitor activities like application performance, application errors and monitor change management within the DevOPS cycle.
In these DevOPS environments, having the ability to send Log Management Alerts to Discord where everyone is collaborating can provide a major benefit to those teams. Integrating your Central Log Management Platform with your Business Process and solving business needs is a major advantage of Graylog.
Discord + Slack
Discord has the ability to recognise a Slack Compatible webhook. Within the Graylog Alert Notification you can configure a Slack Notification. In the video below, I am creating events for SSH logins to my Linux Servers. I have already set up a specific Correlation event to watch when an SSH session is logged in and if the session is opened for more than 15 minutes and not terminated, it sends a Slack Notification Alert. The steps for creating your event and notification along with your Discord configuration are listed before the video.
Creating an Event and Notification Graylog
- Create Event Definitions for SSHd Session opened and Session Closed
- Create an Event Definition Correlation for SSHd Session Open/Close timer
- Create some extra fields in the Correlation Rule for username and Timestamp
- Create A Slack Notification of this event using the Webhook and channel created in Discord
Configuration In Discord
- Create a specific channel in your Discord account. Example “graylog”
- Edit the options on the channel you want to use and select “Integrations”
- In this menu select “Create Webhook and Copy The Webhook URL
- Make note of this Webhook URL for your Graylog Slack URL
Watch the video!
Thanks for joining us, and Happy Logging With Graylog!