Log Insight Webhook Shim Updated

In Log Insight 3.3, webhooks were introduced as an alert type. Shortly after the Log Insight 3.3 announcement, Alan Castonguay and I published some webhook shims that could be used with Log Insight to provide integration to a variety of third-party destinations. I am happy to announce a major update to the existing shim including support for vRealize Operations Manager. Read on to learn more!

webhook-512

Background

Webhooks provide a simple and extensible way to map Log Insight alerts to third-party actions. Of course, you need to translate webhooks from the output format of Log Insight into the input format of the third-party destination. This can be done via a shim.

As part of the 1.0 shim made available on GitHub, the following integrations were possible:

  • PagerDuty
  • Slack
  • Socialcast

NOTE: Socialcast offers native integration meaning use of a shim is not required

Update

Since the shim’s release, several people have contributed additional integrations. At this point, version 2.1 of the shim has been published and contains even more integrations including:

  • Bugzilla
  • HipChat
  • Jenkins
  • OpsGenie
  • ServiceNow
  • PushBullet
  • vRealize Orchestrator
  • ZenDesk

Not only that, but some new features have been added as well including:

  • Ability to accept incoming vRealize Operations Manager REST plugin┬ánotifications
  • Ability to use basic auth for incoming webhooks to third-party destinations from the shim
  • Support for encrypted traffic (https in addition to http)
  • Ability to specify web server port for shim
  • Ability to support Log Insight test alerts (works for vRealize Operations Manager as well)
  • Ability to support multiple teams/channels with Slack integration (works with HipChat as well)

As you can see, this is a major update! Of course, given the change to the existing Slack integration, it is recommended you test the update before applying to your environment.

vRealize Operations Manager REST plugin

One of the big changes in the updated shim is that it now supports output from the vRealize Operations Manager REST plugin. Let me walk you through how to configure this.

First, in vROps go to Administration > Outbound Settings > Select the green plus icon to add a new one > For plugin type select Rest Notification Plugin. Next, fill in all the options. Note, all fields are required even if you are not using them. Since outbound webhooks to the shim do not support authentication today, it does not matter what you input for the username and password fields. Also, if the shim is not configured to accept requests over TLS then the input for certificate thumbprint does not matter either. For content type, ensure you select JSON.

vrops-rest-test

In my example, I set the URL to point to /endpoint/test to validate the shim is receiving the data properly. With this configuration, I can hit the test button.

vrops-rest-test2

One known issue with this new integration is that vROps always displays an error when using the shim. I assume this is because of the fake authentication and certificate thumbprint options, but might also have to do with PUT requests versus POST requests. In either case, you can confirm the shim is working by checking the log output on the shim:

Bingo! As you can see, the test message from vROps was successfully received and parsed! The best part is all of the integrations into third-party products are supported for vROps REST notification plugins as well.

Summary

Webhooks are awesome and the updated shim now available for Log Insight and vRealize Operations Manager is a huge improvement. As always, you can get the latest version of the shims here. What do you think of the shim? What other integrations would you like to see? When will you contribute a new integration to the shim? Let me know in the comments!

© 2016, Steve Flanders. All rights reserved.

2 thoughts on “Log Insight Webhook Shim Updated

Leave a Reply