One of the most important pieces of operating any application stack is making sure you’re aware of the logging events occurring on your running systems. If your development team is like most, then you collaborate with your colleagues using Slack.
Being successful while building and operating software includes looking for ways to implement high-visibility operations within your team communication platform.
Of course, you can’t manually watch your logs to get the most critical information to your team in real time. This is where Papertrail™ and Slack—working together—come in. In this article, we’ll look at how you can set up an automated alert for specific search queries in Papertrail, which will update your team immediately in Slack.
Step 1: Create a Sample Application for Logging
For the purposes of this article, we’ll create an extremely simple Node.js Express application. It will emit a log entry at the INFO level for the only route it matches on. However, it will emit an ERROR level log for any other request. While you could use any logging method you like, our simple demo code looks like this:
index.js
const express = require('express')
const app = express()
const port = 3000
app.get('/', (req, res) => {
res.send('Hello World!')
console.log(`INFO: Logger app accessed on the root route`)
})
app.all('*', (req, res) => {
res.status(404).send(`ERROR: There's no route here with request method ${req.method}`)
console.log(`ERROR: ${req.method} attempted at non-existent route`)
})
app.listen(port, () => {
console.log(`INFO: Logger app listening on port ${port}`)
})
As you can see, the server only has one successful route—listening for GET requests on the root path. Any other route will log (and respond with) an error. If you’ve properly installed Express, then you can run the application with the following command:
$ node index.jsHowever, since we’re planning to send our logs to Papertrail, we’ll run this command instead:
$ node index.js >> logger.logThis dumps the console output into a file called logger.log in your project’s working directory. Feel free to send the output elsewhere if it’s more convenient for you. But if your application runs and logs as you’d expect, then let’s move on.
Step 2: Configure Papertrail
First, sign up for a Papertrail account. Once you configure your account, you’ll be guided on how to send log data to the Papertrail servers. If you choose to aggregate application log files, then the setup screen will look similar to this:
Choose the platform you’re running on, then install remote_syslog2. Finally, update the command you received for sending your logs to Papertrail, pointing to the full path of the logger.log file we created (replacing /path/to/your/file.log given in the example).
With Papertrail logging set up, you can visit any route for your Node.js app in your browser. If remote_syslog2 runs without an error, then the setup page should update with a notice showing a log has been received. If you go to the Events page, then you’ll start to see logs from your Node.js app show up. Visit a few routes for your Node.js application, and then see how your Events page updates.
In a full implementation of Papertrail, you could set up system and application logs from many different sources, and Papertrail would indicate the source and origin of all logs it aggregates. However, for our demo, we only need this simple example.
Step 3: Set Up Your Slack Alert
Alerts in Papertrail are based on searches across your aggregated log data. Saving a search is simple. If you type something in the search box at the bottom of the Events page, then Papertrail will automatically filter results down to match your search.
For our example, we’re looking for logs starting with the ERROR: string. If you click the bookmark icon, you’ll be prompted to save your search.
The search we’re making is pretty simple, but once we save it, we have many options for what to do next.
As you can see, Slack is a prominent option under the Chat heading. Clicking on it gives us a few important options for what to do next. We merely need to provide a webhook URL for our Slack instance:
We can follow the link to “Create a new Papertrail integration in Slack.” After following the instructions in Slack, we’ll end up with a webhook URL, which we paste into this Papertrail integration. From there, Papertrail will start following this search and trigger the alert we specified. Here’s a screenshot of what a Papertrail alert looks like in Slack,
Simple, right? In three quick steps, we’ve done the following:
- Set up our application to output log events to a file.
- Set up
remote_syslog2to stream the contents of that log file to Papertrail. - Set up and saved a query in Papertrail, which alerts us by sending a notification to Slack.
Conclusion
Don’t you love it when the pieces fit together so perfectly and easily? Papertrail integrations—like alert notifications to Slack—are great for keeping your team in the loop on log alerts mattering the most. The technology makes it easy. All you need to do is make some decisions about what alerts you and your team need to receive and the frequency at which you need to receive them.
You can get started on aggregating all your logs today and setting up the alerts you need. This will help your team keep a close watch on your systems, and they can do so within the comfort of their Slack workspace. Get started with your free trial of Papertrail today.
