Push Endpoints

Created: 2023-10-19 Last Modified: 2024-06-24

This document was translated by ChatGPT

#1. Push Endpoints

Push endpoints are used to receive and process alerts in systems or services. Currently, five push methods are supported: Email push, HTTP push, Kafka push, PCAP strategy, and Syslog push.

Next, we will introduce these five push methods separately.

#1.1 Email Push

Send alert events to a specified email address, allowing you to stay informed about alerts by checking your email.

Email Push

  • Create a new Email Push: Fill in the required information to create the push endpoint, which can then be selected when creating an alert policy
  • List
    • Associated Alert Policies: Click the number to jump to the Alert Policies page to view the alert policies using this push endpoint
    • Edit: Supports editing the push endpoint
    • Delete: Supports deleting the push endpoint

#1.1.1 Create a New Email Push

Create a New Email Push

  • Email: Fill in the email address to push to
  • Push Title: Optional, supports filling in the email title
  • For other fields, please refer to the Create a New Kafka Push section

#1.2 HTTP Push

HTTP push sends data to a specified URL address via the HTTP protocol.

HTTP Push

  • For page button usage, please refer to the Email Push section

#1.2.1 Create a New HTTP Push

Create a New HTTP Push

  • Push Method: Required, supports POST, PUT, and PATCH methods, default is POST
  • Push URL: Required. The protocol name is case-insensitive. HTTP and HTTPS are supported; HTTPS can use one-way authentication (only the server presents a certificate)
    • Note: Supports Jinja template rendering, e.g., http://10.0.0.1/
  • Header: Enter HTTP key-value pairs
  • For other fields, please refer to the Create a New Kafka Push section

#1.3 Kafka Push

Kafka push supports pushing alert events to Kafka.

  • For page button usage, please refer to the Email Push section

#1.3.1 Create a New Kafka Push

Create a New Kafka Push

  • Name: Required, fill in the name of the push endpoint
  • Team: Required, select the team that can use this push endpoint
  • Broker Address Pool: Required, input format [address]:[port], supports multiple entries separated by commas
  • Topic: Required, Kafka push topic, supports 1-256 printable characters
  • SASL: Optional authentication method. If Plain is selected, a username and password must be filled in
  • Push Content: Supports Jinja template rendering, for default push content, please refer to the parameter description
  • Configuration Level: Select the alert event level to receive, for alert event level description, please refer to the Edit Alert Policy section
    • By default, all alert events except info will be pushed
  • Push Cycle: Required, within the push cycle, alert events generated by the same monitoring object under the same alert policy will only be pushed once
  • Push Frequency: The maximum number of times alert events generated by the same monitoring object under the same alert policy can be pushed. Exceeding this limit will stop further pushes
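
The Push Cycle and Push Frequency rules above determine which alert events never reach the receiver, so the following Python model replays a constructed event stream through them. It is an added example, not the product's own code. Assumptions: the cycle is counted in seconds from the last push for a (policy, object) pair, the frequency counter never resets, and level filtering is applied first; all class, field and event names are hypothetical.

```python
from collections import defaultdict
from dataclasses import dataclass, field


@dataclass
class PushEndpoint:
    """Model of the suppression rules as described (assumed semantics)."""
    cycle_s: int                      # Push Cycle, in seconds (unit assumed)
    max_pushes: int                   # Push Frequency
    excluded_levels: frozenset = frozenset({"info"})  # default: info not pushed
    _last: dict = field(default_factory=dict)
    _count: dict = field(default_factory=lambda: defaultdict(int))

    def offer(self, ts, policy, obj, level):
        """Return 'pushed' or the rule that suppressed this alert event."""
        key = (policy, obj)           # same monitoring object, same alert policy
        if level in self.excluded_levels:
            return "level"
        if self._count[key] >= self.max_pushes:
            return "frequency"        # cap reached: no further pushes
        last = self._last.get(key)
        if last is not None and ts - last < self.cycle_s:
            return "cycle"            # already pushed once in this cycle
        self._last[key] = ts
        self._count[key] += 1
        return "pushed"


def replay(events, endpoint):
    """Run (ts, policy, object, level) tuples through the endpoint in order."""
    return [endpoint.offer(*event) for event in events]


# Constructed sample stream, not taken from a real deployment.
EVENTS = [
    (0,   "cpu-high", "host-a", "warning"),
    (30,  "cpu-high", "host-a", "error"),    # escalation inside the cycle
    (40,  "cpu-high", "host-b", "warning"),  # different monitoring object
    (50,  "cpu-high", "host-a", "info"),
    (70,  "cpu-high", "host-a", "fatal"),
    (140, "cpu-high", "host-a", "fatal"),    # after the frequency cap
]

if __name__ == "__main__":
    endpoint = PushEndpoint(cycle_s=60, max_pushes=2)
    for event, outcome in zip(EVENTS, replay(EVENTS, endpoint)):
        print(event, "->", outcome)
```

Under these assumptions the escalation to error at t=30 and the fatal event at t=140 are both dropped, which is the effect to weigh when choosing the cycle and frequency values for a security-relevant policy.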

#1.4 PCAP Strategy

Supports adding alert policies to the PCAP strategy for alert monitoring through PCAP.

Create a New PCAP Strategy

  • For page button usage, please refer to the Email Push section
  • Create a New PCAP Strategy
    • Associate PCAP Strategy: Required, associate the PCAP strategy with alert events. Alerts generated can be downloaded in the associated PCAP strategy
  • Enable PCAP Strategy: Select the alert event level to push. If an alert event of this level is generated, it will be pushed to the associated PCAP strategy, and the PCAP strategy will be automatically enabled
    • Note: By default, fatal, error, and warning alert events will be pushed
  • Disable PCAP Strategy: Select the alert event level to push. If an alert event of this level is generated, the associated PCAP strategy will be automatically disabled
    • Note: By default, recovery alert events will be pushed
  • For other fields, please refer to the Create a New Kafka Push section

#1.5 Syslog Push

Alert Syslog push sends alert information to the log server via the Syslog protocol. It can promptly notify operations personnel of potential system failures or security events, helping them take appropriate measures in a timely manner.

  • For page button usage, please refer to the Email Push section

#1.5.1 Create a New Syslog Push

Create a New Syslog Push

  • Push Destination: Required, input format [forwarding protocol]://[log server address]:[port]
    • Note: The supported protocols are UDP and TCP, with UDP as the default; the port can be 1-65535, with 514 as the default
  • For other fields, please refer to the Create a New Kafka Push section