Incident Management

Humio Alerts can be set to trigger various actions, such as informing an administrator of a potential problem with your servers. Several tools and incident management platforms can be used to do this, as well as some security monitoring systems.

Incident Management Systems

You can use simple tools for sending an email or a chat message to an administrator, to bring a situation to their attention. Below is a list of such tools:

  • OpsGenie
    You can integrate OpsGenie with Humio so that triggered Alerts can send emails or SMS messages, or other notifications. Click on the heading here to see how to configure it with Humio.

  • PagerDuty
    With this alternative service, notifications can be sent automatically by phone call, SMS, push notifications and emails. The type of Action taken can be determined based on the Alert triggered and other factors like the severity of the Alert, the day of the week or time of day.

  • Postmark
    This is an email delivery service that may be integrated with Humio to send messages to specific members of your staff, depending on which Alert is triggered and when it happens — in relation to the on-call schedule of your people.

  • Slack
    Slack is a popular internal chat system for many organizations. Humio can be set to send messages to your company’s Slack account, to the chat room of your choice.

  • Tines
    Using a webhook, an Alert in Humio can send a notification to Tines, which in turn can generate a message to your staff or perform other actions available through their service.

  • VictorOps
    Another system for notifications with on-call scheduling, VictorOps may be accessed by an Alert when triggered.

Security Monitoring

For monitoring Humio for security situations (e.g., hacking attempts, denial-of-service attacks), there are a few security monitoring systems that can be integrated into Humio. Below is a list of them, with links to pages which explain how to configure them and Humio to work together:

  • Corelight
    Corelight can provide a view of your network so you can prevent and stop hackers from entering your servers. You can set an Alert in Humio to notify Corelight, and send it whatever information is needed to assist in your security monitoring.

  • XSOAR
    This service is a Security Orchestration, Automation and Response (SOAR) platform that allows for thorough monitoring of security threats. Humio Alerts can be triggered to provide information to this service.

  • Zeek (Bro)
    Humio Alerts can be triggered to provide information to Zeek, a passive, open-source network traffic analyzer.