Example: Monitoring Syslog events from a Humio integration

You can use Rsyslog with minimal configuration to send Syslog logs to Humio. The Rsyslog log processor is shipped with most popular Linux® distributions.

1. Follow the recommended configuration to forward all logs to Humio. For more information, see the Humio product documentation: https://docs.humio.com/integrations/data-shippers/rsyslog/.
2. Create a webhook notifier to send events to Netcool® Operations Insight®, as described in steps 1 to 11 of Configuring Humio as an event source..
3. Create an alert with the query syslogtag=* to monitor the logs in Humio repository.
   1. On the Humio UI, select Search.
   2. Enter syslogtag=* in the field provided and click Run.
   3. Click Save as > Alert.
   4. Populate the alert fields such as Name and Frequency. For Notifier, select the notifier that was just created.
   5. Click Save.