ZELK Stack

  • Automatically catch application incidents and see root cause using your Elastic Stack. No manual training, no manual alert rules and no changes to your end points.

  • Auto-detected application incidents are displayed in an elegant Kibana dashboard. With just a click, you can view the set of correlated log events that describe the root cause. Thumbs up and down buttons let you provide feedback on incident quality and customize your incident feed.

How it Works

  1. Configure an additional output plugin in your Logstash instance to send log events and metrics to Zebrium.
  2. Zebrium’s Autonomous Incident Detection and Root Cause will send incident details back to Logstash via a webhook input plugin.
  3. An Incident summary and drill-down into the Incident events in Elasticsearch are available directly from the Zebrium ML-Detected Incidents canvas in Kibana.
  4. For advanced drilldown and troubleshooting workflows, simply click on the Zebrium link in the Incident canvas.

Requirements

  • ZELK Stack integrations require the ELK stack including Logstash.

Optional:

  • Secure end-point for the Zebrium outgoing webhook to send Incident details to Logstash/Kibana

Support

If you need help with this integration, please contact Zebrium by email at support@zebrium.com

How to Set Up ZELK Stack

Configuring Logstash to Send Log Data to Zebrium

  • This configuration must be completed before Configuring Logstash/Kibana for Viewing Zebrium Incidents (below).
  • Click here for detailed integration steps.

Configuring Logstash/Kibana for Viewing Zebrium Incidents (optional)

This configuration is optional: it is required only if you wish to view Zebrium Incidents within Kibana.

  • This configuration must be completed after Configuring Logstash to Send Log Data to Zebrium (above).
  • Click here for detailed integration steps.
