# CrowdStrike Falcon LogScale Integration

[CrowdStrike Falcon LogScale](https://www.crowdstrike.com/en-us/platform/next-gen-siem/falcon-logscale/) provides a logging and observability service that gives organizations complete visibility to see anomalies, threats, and problems, and to get to the root of what happened. With CrowdStrike Falcon LogScale integrated, log-based alerts – such as threshold breaches or anomaly detections – are forwarded to on-call responders via ilert. These alerts activate escalation paths and provide engineers with essential context to resolve issues quickly and confidently.

{% hint style="info" %}
Humio has been renamed to CrowdStrike Falcon LogScale
{% endhint %}

## In ilert: Create a CrowdStrike Falcon LogScale alert source

1. Go to **Alert sources** --> **Alert sources** and click on **Create new alert source**

   <figure><img src="https://3394882078-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M76ygPnS4HUcFSX8ulm%2Fuploads%2FjX0cS4q7woTXKajZmc1W%2FScreenshot%202023-08-28%20at%2010.21.10.png?alt=media&#x26;token=8ef3666b-84eb-4b51-abee-f07303313941" alt=""><figcaption></figcaption></figure>
2. Search for **CrowdStrike Falcon LogScale** in the search field, click on the CrowdStrike Falcon LogScale tile and click on **Next**.

   <figure><img src="https://3394882078-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M76ygPnS4HUcFSX8ulm%2Fuploads%2FlXzQlJpaTFSR49AZk0xA%2FScreenshot%202023-08-28%20at%2010.24.23.png?alt=media&#x26;token=cffeacb4-57b9-47d4-827d-b0f6b1afd914" alt=""><figcaption></figcaption></figure>
3. Give your alert source a name, optionally assign teams and click **Next**.
4. Select an **escalation policy** by creating a new one or assigning an existing one.

   <figure><img src="https://3394882078-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M76ygPnS4HUcFSX8ulm%2Fuploads%2FNnuZqONaIhbOf6fn4OkZ%2FScreenshot%202023-08-28%20at%2011.37.47.png?alt=media&#x26;token=8a74f7b5-5bd2-4eea-97fa-1c1dbb041333" alt=""><figcaption></figcaption></figure>
5. Select your [Alert grouping](https://docs.ilert.com/alerting/configure-alerting/alert-sources#alert-grouping) preference and click **Continue setup**. You may click **Do not group alerts** for now and change it later.

   <figure><img src="https://3394882078-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M76ygPnS4HUcFSX8ulm%2Fuploads%2FueugN4JgHn1c90ggFA6u%2FScreenshot%202023-08-28%20at%2011.38.24.png?alt=media&#x26;token=b8009daf-3ca8-4264-a6fa-e42ef7333205" alt=""><figcaption></figcaption></figure>
6. The next page shows additional settings such as custom alert templates or notification priority. Click on **Finish setup** for now.
7. On the final page, an API key and / or webhook URL will be generated that you will need later in this guide.

   <figure><img src="https://3394882078-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M76ygPnS4HUcFSX8ulm%2Fuploads%2Fi3TIOBvNYBQfDtNpmm0A%2FScreenshot%202023-08-28%20at%2011.47.34.png?alt=media&#x26;token=6cae965a-e448-4443-8c20-37cf501c43b2" alt=""><figcaption></figcaption></figure>

## In CrowdStrike Falcon LogScale

1. Create an Action by clicking **Alerts** -> **Actions** -> **New Action** from your dashboard

![](https://3394882078-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M76ygPnS4HUcFSX8ulm%2Fuploads%2FAkPutzeB1XheABPZNiVJ%2Fhumio-newaaction.png?alt=media\&token=f8e9c4e9-5b41-443b-9e99-0026a37c959c)

2. Choose **Webhook** as the type, enter a name (in this case **ilert-webhook**), and in **Endpoint URL** enter the **Humio URL** that was generated in ilert

![](https://3394882078-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M76ygPnS4HUcFSX8ulm%2Fuploads%2F4pMeMPxTtJ8xjFUbY4Za%2Fhumio-newwebhook.png?alt=media\&token=c2a45002-42b1-4ecc-b95c-a8d10f7b6792)

3. Scroll down and click **Save Action** to save the webhook action

![](https://3394882078-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M76ygPnS4HUcFSX8ulm%2Fuploads%2FgVC6WdqFmVicU1MERZ8y%2Fhumio-savewebhook.png?alt=media\&token=58c7fa06-6c03-4b91-aef8-fb6fe0069ec3)

4. Add a new Alert by clicking **Alerts -> Alerts -> New Alert**

![](https://3394882078-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M76ygPnS4HUcFSX8ulm%2Fuploads%2FA2U2cdsMPQQRb1cPmhoo%2Fhumio-newalert.png?alt=media\&token=dc99def5-ee31-4555-9b75-414dc10710d4)

5. Create the Alert by specifying the query that the Alert should be based on. Check **Alert Enabled** and select the **Webhook Action** that you configured earlier

![](https://3394882078-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M76ygPnS4HUcFSX8ulm%2Fuploads%2F4RicWOk6aHTzGgpSiDF4%2Fhumio-alertdetails.png?alt=media\&token=9e035c6b-7d31-4331-8449-8c2125b1daa6)

6. Save the alert. When the alert triggers, an incident will be created on the ilert side as well
7. For more information about LogScale Alerts, refer to the following: <https://library.humio.com/data-analysis/automated-alerts.html>
