0

Is Papertrail the only service of its class that allows you to react to a logged event via webhook?

A hosted logging solution is what i'm looking for like Splunk storm or Papertrail.

sirvon
  • 2,547
  • 1
  • 31
  • 55

2 Answers2

2

Logentries provides real-time POST notifications with HMAC authentication: https://logentries.com/doc/webhookalert/

Enables you to match a regular expression, set a minimal number of matches per hour/day and set maximal number of alerts per hour/day.

The format is (in docs):

{
"alert": {
    "name": "500 error" // Alert name
},
"host": {
    "name": "Web", // Host name
    "hostname": "web.example.com" // Host DNS name
},
"log": {
    "name": "access.log" // Log name
},
"event": Event, // Trigerring event
"context": [ // Events in context
    Event[]
]
}

Where Event is:

{
"t": 1346202355889, // Timestamp
"s": 40634540484, // Sequence
"m": "[26/Aug/2012:10:58:50 +0100] POST /api..." // Message
}
Viliam
  • 4,404
  • 3
  • 28
  • 30
  • Logentries got me giddy...ill let you know how it turns out. So, far papertrail is the only thing that fits my needs but splunk is the greatest joy, if $ is not a factor. – sirvon Mar 15 '13 at 03:23
1

Splunk can do it using curl and their API. http://dev.splunk.com/view/saved-searches-and-alerting/SP-CAAADRK

user985723
  • 628
  • 2
  • 8
  • 18
  • I would use splunk storm though and they don't allow alerting but do they have an api ?? let me see... YES! they do.. let me see if your answer is doable. – sirvon Mar 12 '13 at 23:33
  • Splunkstorm's api is limited no event based reactions. – sirvon Mar 15 '13 at 03:25