You can configure alerts in VMware Aria Operations for Logs to send webhook notifications to a remote web server when specific data appears in the logs. Webhooks provide event notifications over HTTP POST/PUT.
The content of the webhook notification contains up to 10 events that meet the alert query criteria. In aggregated queries, the content contains up to 10 groups that meet the alert criteria. The content contains the total number of events and groups and a link to the Explore Logs page. This page displays all the events or groups of events.
Note: The server might report a success or failure.
VMware Aria Operations for Logs retries on failure.
VMware Aria Operations for Logs treats all HTTP/2
xx status code responses as successful. All other responses, including timeouts or refused connections, are considered failed and retried later.
Prerequisites
- Verify that you are logged in to the VMware Aria Operations for Logs web user interface, for which the URL format is https://operations_for_logs-host. Here, operations_for_logs-host is the IP address or host name of the VMware Aria Operations for Logs virtual appliance.
- Verify that your user account is associated with a role that has the relevant permissions for alerts.
If your user account is assigned a role with view access to alerts (for example, the User role), you can view and manage all the alerts in your organization.
If your user account is assigned a role with edit or full access to alerts (for example, the Super Admin role):For information about roles, see Create and Modify Roles in Administering VMware Aria Operations for Logs.- You can activate or deactivate all the system alerts in your organization.
- You can create, modify, and remove all the user-defined alerts in your organization.
Procedure
- Click Create New.
Tip: Alternatively you can navigate to the Explore Logs page and create an alert based on a query. Enter a query, and next to the Search button, click
and select
Create Alert from Query.
