SolarWinds Loggly

This webhook allows BeyondTrust to automatically send detections and recommendations to SolarWinds Loggly in the form of a log.

Requirements

• An active SolarWinds Loggly administrator account
• An active customer token

Create configuration in SolarWinds Loggly

📘

Third-party documentation and instructions are subject to change.

1. Add active customer token. For instructions, see Customer Token.
2. Select the HTTP/S Event Endpoint page by accessing the “Source Setup” Page. For instructions, see HTTP/S Event Endpoint.
3. Copy the URL from step 2 on the HTTP/S Event Endpoint page and so it can then be pasted it into webhook url field of your new integration in Insights

Create a webhook in Insights

1. Go to Integrations > Webhooks > View Details.
2. Click Create Integration.
3. Paste the URL from Step 2 in Create configuration in SolarWinds Loggly
4. To create the webhook, use the following:
   • Webhook Name: Enter a name. For example: SolarWinds Loggly
   • Webhook URL: Paste the URL from Step 2 in Create configuration in SolarWinds Loggly
   • Authorization Type: None
   • Use the following test webhook JSON template to test the connection and send a webhook to SolarWinds Loggly.

{
  "text": "Severity:%%severity%%\nWhen:%%timestamp%%\nSummary:%%definitionSummary%%\nSource:%%source%%\nLocation:%%location%%\nEntity Type:%%entityType%%\nEntity Name:%%entityName%%"
}

Click Save Integration when finished.

Test and troubleshoot the webook

1. Click Test Settings. The. message "Configuration successfully created” appears.
2. To view the log created in SolarWinds Loggly, go to the SolarWinds Loggly Search page where you will see it under Log Explorer.