https://github.com/gdatasoftwareag/graylog-plugin-alertmanager-callback
A plugin for Graylog which provides the possibility to send alerts to the Prometheus AlertManager API.
https://github.com/gdatasoftwareag/graylog-plugin-alertmanager-callback
alertmanager graylog graylog-callback graylog-plugin graylog2 prometheus prometheus-alertmanager
Last synced: about 1 year ago
JSON representation
A plugin for Graylog which provides the possibility to send alerts to the Prometheus AlertManager API.
- Host: GitHub
- URL: https://github.com/gdatasoftwareag/graylog-plugin-alertmanager-callback
- Owner: GDATASoftwareAG
- License: mit
- Created: 2019-02-07T13:49:18.000Z (over 7 years ago)
- Default Branch: master
- Last Pushed: 2020-08-20T10:54:19.000Z (almost 6 years ago)
- Last Synced: 2025-04-05T10:33:26.569Z (about 1 year ago)
- Topics: alertmanager, graylog, graylog-callback, graylog-plugin, graylog2, prometheus, prometheus-alertmanager
- Language: Java
- Size: 210 KB
- Stars: 22
- Watchers: 4
- Forks: 5
- Open Issues: 3
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG
- Contributing: CONTRIBUTING.md
- License: LICENSE
Awesome Lists containing this project
README
[](https://travis-ci.org/GDATASoftwareAG/Graylog-Plugin-AlertManager-Callback)
[](https://app.codacy.com/app/StefanHufschmidt/Graylog-Plugin-AlertManager-Callback?utm_source=github.com&utm_medium=referral&utm_content=GDATASoftwareAG/Graylog-Plugin-AlertManager-Callback&utm_campaign=Badge_Grade_Dashboard)
[](https://codecov.io/gh/GDATASoftwareAG/Graylog-Plugin-AlertManager-Callback)
[](https://snyk.io/test/github/GDATASoftwareAG/Graylog-Plugin-AlertManager-Callback)
# Graylog AlertManager Notification Plugin
This plugin can be used for connecting [Graylog](https://www.graylog.org/) alerts to the [Prometheus](https://prometheus.io/) [AlertManager](https://prometheus.io/docs/alerting/alertmanager/).
The plugin development is based on [Graylog2/graylog-plugin-sample](https://github.com/Graylog2/graylog-plugin-sample) which is mentioned in the [Graylog plugin documentation](http://docs.graylog.org/en/3.3/pages/plugins.html).
**Note:** this plugin is currently only available as "Legacy Alarm Callbacks" item after adding it to Graylog
The current plugin version 1.2.2 has Graylog 3.3.5 as target. The plugin version 1.2.1 (see releases) targets Graylog 2.5.0 and above.
## Use Case
You are using a Graylog for checking the logs for errors, a Prometheus for checking the service metrics and you would like to organize your alerts with a AlertManager you need to get your Graylog alerts into the AlertManager.
This plugin provides the possibility to send your Graylog notifications with a AlertManager-Callback to your AlertManager.
## AlertManager Endpoint
The plugin uses the `/api/v1/alerts` endpoint of AlertManager. You can find some documentation about this endpoint [here](https://prometheus.io/docs/alerting/clients/).
## Provided Information
The plugin provides the AlertManager several information out of the box:
* `stream_title` - The title of the stream triggering the alert condition in Graylog
* `triggered_at` - The time of triggering the alert condition in Graylog
* `triggered_rule_description` - The generated rule description of triggered alert condition in Graylog
* `triggered_rule_title` - The title of alert condition rule in Graylog
All of those information will be added as annotation.
The values `startsAt`, `endsAt` and `generatorURL` will be transmitted to the AlertManager as well.
`startsAt` will be set to the point of time when the condition triggered the alert.
`endsAt` will be set to the point of time when the condition triggered the alert plus the set grace time which is configured for the alert.
Additionally you can configure your own custom annotations and labels which should be submitted to the AlertManager (see screenshot below).
You can use the [JMTE Template](https://cdn.rawgit.com/DJCordhose/jmte/master/doc/index.html) as you might already know from the [Graylog E-Mail Notification Callback](http://docs.graylog.org/en/2.5/pages/streams/alerts.html#email-alert-notification).
List of provided keys you can use inside JMTE Templates:
* `stream_url` - The stream url.
* `stream` - The specific stream object. There you can use the properties of the stream object e.g. `stream.title`
* `alertCondition` - The specific triggered alert condition. There you can use the properties of the alert condition oject e.g. `alertCondition.createdAt`
* `check_result` - The specific check result. There you can use the properties of the check result object e.g. `check_result.triggeredAt`
* `backlog` - A list containing messages matching the triggered condition if any. You can iterate through them with `${foreach backlog message}${message} ${end}`
* `backlog_size` - The amount of matching messages.
## How to deploy on Graylog
You can easily build the plugin by executing `./gradlew build -x check --no-daemon`.
Afterwards there should be a `.jar` file inside the `build/libs/` directory.
Follow the instructions mentioned [here](http://docs.graylog.org/en/3.3/pages/plugins.html#installing-and-loading-plugins) to deploy this `.jar` file.
## How to develop locally
You can use Docker and Docker-Compose to test changes of this plugin locally by following these steps:
1. Build the JAR
2. Run `docker-compose up` inside the development directory
3. Access your local Graylog instance web-interface at http://localhost:9000/
4. You can configure an alert to be send to `http://alertmanager:9093/api/v1/alerts` and access the AlertManager via http://localhost:9093/
## Screenshots
## Planned Features
* Implementation of EventNotification for usage as non-legacy notification plugin
You would like to contribute anything? - Take a look at [CONTRIBUTING.md](CONTRIBUTING.md).
## License
See [LICENSE](LICENSE)
## Copyright
Copyright (c) 2019-2020 G DATA CyberDefense AG and other authors.