Coralogix

Overview

is an observability and security platform. Integrate Cortex with Coralogix to drive insights into alerts.

After setting up the integration, relevant alerts from Coralogix will appear in your entity pages. While viewing an entity, click Integrations > Coralogix in its sidebar to view the list of alerts.

How to configure Coralogix with Cortex

Prerequisites

Before getting started, generate a .

Step 1: Configure the integration in Cortex

1. In Cortex, navigate to the :

   1. In Cortex, click your avatar in the lower left corner, then click Settings.

   2. Under "Integrations", click Coralogix.

2. Click Add configuration.

3. Configure the Coralogix integration form:

   • Account alias: Enter your account alias.

   • API key: Enter your Coralogix API key.

   • Region: Select your region.

4. Click Save.

How to connect Cortex entities to Coralogix

Discovery

By default, Cortex will use the entity name or entity tag (e.g. my-service) as the "best guess" for the Coralogix alert application name. For example, if your entity name is "My Service" and your entity tag is “my-service”, then the corresponding application name in Coralogix should be “My Service” or "my-service".

If your Coralogix application names don’t cleanly match the Cortex entity identifier, you can override this in the Cortex entity descriptor.

Editing the entity descriptor

Coralogix alerts can be listed in the Catalog under the Coralogix section. We support application names in the YAML for pulling Coralogix alerts.

info:
  x-cortex-coralogix:
    applications:
    - applicationName: my-app # application name tied to alert
      alias: my-alias # alias is optional and only relevant if you have opted into multi account support

Scorecards and CQL

With the Coralogix integration, you can create Scorecard rules and write CQL queries based on Coralogix alerts.

coralogix != null

ccoralogix.alerts().length >= 3

coralogix.alerts(statuses = ["triggered"]).length -= 0