1. All pre-installation steps have been completed.
  2. Your Kubernetes cluster is running and has appropriate resources available as defined in the pre-installation sizing considerations.

STEP 1: Installing the Helm Chart

  1. Create a secret using the Harbor repository that was setup for you by Zebrium. Zebrium will provide you with your Harbor USERNAME and PASSWORD.
    kubectl create secret docker-registry regcred --docker-username=<USERNAME> --docker-password=<PASSWORD> --docker-email=<EMAIL> --namespace <NAMESPACE>
  2. Update your Helm chart override.yaml file with the secret from Step 1.
  3. Add the Harbor repo to your Kubernetes cluster
    helm repo add --username <USERNAME> --password <PASSWORD> <REPO_NAME>
    helm repo update
  4. Install the Zebrium On Prem Software
    helm upgrade <RELEASE_NAME> -i --namespace <NAMESPACE>  <REPO_NAME>/zebrium-onprem -f <override.yaml>

STEP 2: Configuring Your Account

Zebrium On Prem currently supports a single account where all data will be ingested. This account can have mulitiple users/logins.

Create your account and the first user


  • Navigate to: <Your UI URL>/auth/sign-up
  • Complete the form click the right arrow to continue.

Invite other Users to your Account

  • Navigate to the User Management tab from the settings menu
  • Click on Add User and complete the form

STEP 3: Configuring Outbound Notifications

If you would like Root Cause report notifications to be sent to a destination other than the Slack webhook defined in your Helm chart, you can configure additional notification channels using Outbound Integrations from the settings menu.

Supported outbound notification channels include:

  1. AppDynamics
  2. OpsGenie
  3. OpsRamp
  4. PagerDuty
  5. Slack
  6. Teams (Microsoft)
  7. VictorOps
  8. Webhook (with the zebrium_incident payload)

Note: the payload of the zebrium_incident webhook is defined here.

STEP 4: Configuring AutoSupport (optional)

When you register for Zebrium On Prem, Zebrium will provide a secure auth token that can be used to send logs from the Zebrium On Prem software to Zebrium for remote monitoring (akin to Zebrium AutoSupport).

Note: Installing the Zebrium Kubernetes Log Collector will send logs from all namespaces in your Kubernetes cluster.

The log collector is deployed as a Kubernetes Helm chart as follows:

  1. kubectl create namespace zebrium
  2. helm install zlog-collector zlog-collector --namespace zebrium --repo --set zebrium.collectorUrl=,zebrium.authToken=AUTH_TOKEN_FROM_ZEBRIUM,zebrium.timezone=KUBERNETES_HOST_TIMEZONE

STEP 5: Ingesting data into your Zebrium On Prem instance

There are three supported methods to ingest data into Zebrium On Prem using your ZAPI Token and Endpoint:

  1. Zebrium CLI command
  2. Kubernetes Log Collector
  3. Elastic integration using Logstash

Obtaining your ZAPI Token and Endpoint

Instructions and commands for sending data to your OnPrem instance is available under Log Collector in the settings menu.

Failure Domain Boundary

Because Zebrium On Prem currently supports a single account with only one deployment, if you intend to ingest data from unrelated services/applications it is important to specify the ze_deployment_name label which essentially defines a failure domain boundary for anomaly correlation.

You will see in the examples provided below, how to specify the ze_deployment_name label for each of the three methods that can be used to ingest data.

Note: The ze_deployment_name must be a single word lowercase characters.

Using the CLI to ingest data

Instructions for downloading, configuring and using the Zebrium CLI are located here.

Here is an example that ingests a Jira log file into the atlassian failure domain (ze_deployment_name):

~/zapi/bin/ze up --file=jira.log --log=jira --ids=zid_host=jiraserver,ze_deployment_name=atlassian --auth=97453627rDGSDE67FDCA77BCE44 --url=

Using the Kubernetes Log Collector to ingest data

If your application to be "monitored" is Kubernetes-based, this is the preferred method for sending logs to Zebrium On Prem.

The log collector is deployed as a Kubernetes Helm chart as follows:

  1. kubectl create namespace zebrium
  2. helm install zlog-collector zlog-collector --namespace zebrium --repo --set zebrium.collectorUrl=http://ZAPI_ENDPOINT:443,zebrium.authToken=ZAPI_TOKEN,zebrium.deployment=ZE_DEPLOYMENT_NAME,zebrium.timezone=KUBERNETES_HOST_TIMEZONE


Using Logstash to ingest data

Instructions for configuring this integration are located here.

Note: Please contact Zebrium Support for assistance with configuration.