# Manage alerts and integrations The Local WEKA Home can be configured to send alerts through Email (SMTP), PagerDuty, SNMP Traps (v1/v2c/v3), and Syslog (RFC 5424). For instance, you can set it to send email notifications to a specific address if the cluster's data protection level drops below a set threshold.

## Set the Local WEKA Home to send events and alerts Setting the Local WEKA Home to send events and alerts includes the following procedures: 1. **Create an integration:** Set the destination on the **Integration** page. 2. **Create rules:** On the **Rules** page, select the rule conditions to trigger specific alerts or events and assign the rule to the integration. ### Create an integration 1. Access the Local WEKA Home portal with an admin account and the password (obtained during the LWH deployment. For example, see [/pages/WCG8kRpB7jFoBpZ5oXLs#id-5.-access-the-local-weka-home-portal-and-grafana](https://docs.weka.io/monitor-the-weka-cluster/the-wekaio-support-cloud/pages/WCG8kRpB7jFoBpZ5oXLs#id-5.-access-the-local-weka-home-portal-and-grafana "mention")). 2. From the menu, select **Manage** > **Integrations**. 3. On the **Integration** page, select **New**.

3. On the **Create Integration** page, select one of the destinations and set the relevant values as follows: {% tabs %} {% tab title="PagerDuty" %} 1. In **Name**, enter a meaningful destination name for the integration. 2. In **Type**, select **PageDuty**. 3. In **Routing Key**, set the routing key of your pager duty. 4. Ensure the integration is enabled (indicated by a green arrow). 5. Select **Save Integration**.

{% endtab %} {% tab title="Email" %} 1. In **Name**, enter a meaningful destination name for the integration. 2. In **Type**, select **Email**. 3. In **Destination**, set the destination email address. 4. Ensure the integration is enabled (indicated by a green arrow). 5. Select **Save Integration**.

{% endtab %} {% tab title="SNMP Trap" %} 1. In **Name**, enter a meaningful destination name for the integration. 2. In **Type**, select **SNMP Trap**. 3. In the **Version**, select the required SNMP version to use with your SNMP-based tool. 4. Set the values of the properties required according to the selected version: * **v1:** SNMP version 1, which only requires the SNMP server hostname or IP address and a plaintext community. * **v2c:** SNMP version 2c, similar to SNMP v1, but adds support for 64-bit counters. * **v3\_NoAuthNoPriv:** SNMP version 3 with security of a user name and EngineID, but without authentication and privileges. * **v3AuthNoPriv:** SNMP version 3 with security of a user name, EngineID, and authentication but without privileges. * **v3AuthPriv:** SNMP version 3 with security of a user name, EngineID, authentication, and privileges. 5. Ensure the integration is enabled (indicated by a green arrow). 6. Download the WEKA\_HOME-MIB.txt file and apply it in your SNMP system. 7. Select **Save Integration**.

SNMP integration: **v3_AuthPriv** (v3 with authentication and privileges settings)

{% endtab %} {% tab title="Syslog" %} 1. In **Name**, provide a clear and descriptive name for the integration. 2. In **Type**, select **Syslog**. 3. In **Syslog Host**, enter the Hostname or IP address of the syslog server 4. In **Syslog Port**, specify the Port number (1–65535). Default is 514. 5. In **Protocol**, choose a transport protocol: * **UDP:** Sends plain messages with a newline terminator. Delivers on a best-effort basis. This is the default. * **TCP:** Uses RFC 5425 octet-counted framing (`{length} {message}`). Ensures reliable delivery. * **TLS:** Operates like TCP but with TLS 1.2+ encryption. It verifies the server certificate using the system's CA store. You can provide a custom CA certificate for internal or private CAs. Alternatively, choose **Skip TLS Verification** to bypass certificate validation. The CA certificate is validated before saving the integration. 6. Ensure the integration is enabled (indicated by a green arrow). 7. Select **Save Integration**.

{% endtab %} {% endtabs %} #### Syslog technical reference After configuring the Syslog integration, use the following technical details to ensure your Syslog server or SIEM (such as, Splunk, LogRhythm) can correctly parse the incoming data. **Message format** Local WEKA Home messages follow the RFC 5424 standard: ``` 1 TIMESTAMP HOSTNAME weka-home - MSGID [STRUCTURED-DATA] MESSAGE ``` * PRI: Calculated from facility (User = 1) and WEKA severity. * TIMESTAMP: ISO 8601 / RFC 3339 format (example, `2026-03-05T12:39:51Z`). * HOSTNAME: Node ID (if available), cluster name, or `weka-home`. * APP-NAME: Always `weka-home`. * MSGID: The event or alert type (spaces are replaced with underscores). * STRUCTURED-DATA: Key-value pairs in RFC 5424 format: `[params key="value" ...]`. * MESSAGE: The human-readable description of the notification. **Payload contents** The structured data/JSON payload varies by notification type: * Events: `customer_name`, `event_type`, `cluster_id`, `event_fields`, `severity`, `weka_home_url` * Alerts: `customer_name`, `alert_type`, `cluster_id`, `title`, `content`, `action`, `severity`, `weka_home_url` **Severity mapping** WEKA severity levels are mapped to standard Syslog severity codes: | WEKA severity | Syslog severity | Code | | --------------- | --------------- | ---- | | Critical | CRIT | 2 | | Major | ERR | 3 | | Minor / Warning | WARNING | 4 | | Info | INFO | 6 | | Debug | DEBUG | 7 | | None (default) | NOTICE | 5 | **Connection settings** Connection timeout: 10 seconds for all protocols (UDP, TCP, and TLS). ### Create a rule 1. From the menu, select **Manage** > **Rules**. 2. On the **Rules** page, select **New**.

5. On the **Create Rule** page, do the following: 1. Enter a meaningful name for the rule. 2. Select the event or alert type from **Rule Type** and set the entity, operator, and condition, for the selected rule type. 3. Select **View integrations** and select the required integration (destination) from the list. 4. Select **Save Rule**. A green confirmation message appears for a successful setting. ### Examples #### Create an event rule that sends all critical events to a predefined email

#### Create an alert rule that sends all tiering connectivity alerts to a predefined email

--- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.weka.io/monitor-the-weka-cluster/the-wekaio-support-cloud/manage-alerts-and-integrations.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.