Sysdig Documentation

Custom Events

Sysdig Monitor can ingest any custom event created, including code deploys, auto-scaling activities, and business level actions. These events will be automatically overlayed on charts and graphs for easy correlation of all performance data. The sections below outline the different ways custom events can be sent to Sysdig Monitor.

Application Integrations

Sysdig Monitor supports event integrations with certain applications by default. The Sysdig agent will automatically discover these services and begin collecting event data from them. For more information, refer to the Events documentation.

Sysdig Monitor Slackbot

Sysdigbot, the Sysdig Monitor Slackbot, allows users to post custom events directly to the Sysdig Cloud through chats with a Slack bot.

Prebuilt Python Script

The Sysdig python script provides a way to send events to Sysdig Monitor directly from the command line, using the following command structure:

python post_event.py SYSDIG_TOKEN NAME [-d DESCRIPTION] [-s SEVERITY] [-c SCOPE] [-t TAGS] [-h]

For more information, refer to the Sysdig Github repository.

Python Sample Client

The Sysdig Monitor python client acts as a wrapper around the Sysdig Monitor REST API, exposing most of the REST API functionality to provide an easy to use and install python interface. The post_event() function can be used to send events to Sysdig Monitor from any custom script. An example script is shown below:

import os
import sys

sys.path.insert(0, os.path.join(os.path.dirname(os.path.realpath(sys.argv[0])), '..'))

from sdcclient import SdcClient

# Parse arguments
sdc_token = sys.argv[1]
name = sys.argv[2]

# Instantiate the SDC client
sdclient = SdcClient(SDC_TOKEN)

# Post the event using post_event(self, name, description=None, severity=None, event_filter=None, tags=None)
res = sdclient.post_event(NAME)

Curl Sample Client

The Sysdig Monitor REST API offers the full functionality of the Sysdig Monitor app over API, allowing custom events to be sent directly to the Sysdig Cloud over the REST API. The example below is a curl request:

#!/bin/bash
SDC_ACCESS_TOKEN='626abc7-YOUR-TOKEN-HERE-3a3ghj432'
ENDPOINT='app.sysdigcloud.com'

curl -X POST -s 'https://'"${ENDPOINT}"'/api/events' \
-H 'Content-Type: application/json; charset=UTF-8' \
-H 'Accept: application/json, text/javascript, */*; q=0.01' \
-H 'Authorization: Bearer '"${SDC_ACCESS_TOKEN}"'' \
--data-binary '{"event":{"name":"Jenkins - start wordpress deploy","description":"deploy","severity":"6","tags":{"build":"89"}}}' --compressed
sleep 5s

See also Enable/Disable Event Data.