Kibana Integration
The ilert Kibana Integration helps you to easily connect ilert with Kibana.
Kibana is a powerful open-source analytics and visualization platform designed to work with Elasticsearch. It provides users with the tools to explore, visualize, and share insights into their data in real time.
In ilert: Create a Kibana alert source
- Go to Alert sources --> Alert sources and click Create new alert source.  
- Search for Kibana in the search field, click on the Kibana tile, and click Next.  
- Give your alert source a name, optionally assign teams, and click Next. 
- Select an escalation policy by creating a new one or assigning an existing one.  
- Select your Alert grouping preference and click Continue setup. You may click Do not group alerts for now and change it later.  
- The next page shows additional settings, such as customer alert templates or notification priority. Click on Finish setup for now. 
- On the final page, an API key and/or webhook URL will be generated, which you will need later in this guide.  
In Kibana: Create a connector
- On the sidebar, click on Connectors under the Alerts and Insights category. 

- Now click on Create connector. 

- Select Webhook. 

- Enter a Connector name. 
- Under Connector settings, enter the previously generated ilert Elasticsearch Kibana alert source URL into the URL field and change the Method to POST. 
- Choose None under Authentication and enable Add HTTP header. 
- Enter the following header: key: Content-Type, value: application/json
- Save the connector. 

- Now, navigate to Rules under the Alerts and Insights category. 

- Click on Create rule. 

- Enter a name and select Webhook as the connector type. 

- Choose the previously created ilert connector as the Webhook connector. 
- Enter the following payload into the Body field: 
{
  "alert" : {{{ alert }}},
  "context" : {{{ context }}},
  "rule" : {{{ rule }}}
}
- Save the rule. 
FAQ
Will alerts in ilert be resolved automatically?
No, unfortunately, Kibana is not compatible with ilert's resolve event.