Manage alerts and integrations
The Local WEKA Home can be configured to send alerts through Email (SMTP), PagerDuty, SNMP Traps (v1/v2c/v3), and Syslog (RFC 5424). For instance, you can set it to send email notifications to a specific address if the cluster's data protection level drops below a set threshold.
Set the Local WEKA Home to send events and alerts
Setting the Local WEKA Home to send events and alerts includes the following procedures:
Create an integration: Set the destination on the Integration page.
Create rules: On the Rules page, select the rule conditions to trigger specific alerts or events and assign the rule to the integration.
Create an integration
Access the Local WEKA Home portal with an admin account and the password (obtained during the LWH deployment. For example, see Deploy Local WEKA Home on K3s).
From the menu, select Manage > Integrations.
On the Integration page, select New.
On the Create Integration page, select one of the destinations and set the relevant values as follows:
In Name, enter a meaningful destination name for the integration.
In Type, select PageDuty.
In Routing Key, set the routing key of your pager duty.
Ensure the integration is enabled (indicated by a green arrow).
Select Save Integration.
In Name, enter a meaningful destination name for the integration.
In Type, select Email.
In Destination, set the destination email address.
Ensure the integration is enabled (indicated by a green arrow).
Select Save Integration.
In Name, enter a meaningful destination name for the integration.
In Type, select SNMP Trap.
In the Version, select the required SNMP version to use with your SNMP-based tool.
Set the values of the properties required according to the selected version:
v1: SNMP version 1, which only requires the SNMP server hostname or IP address and a plaintext community.
v2c: SNMP version 2c, similar to SNMP v1, but adds support for 64-bit counters.
v3_NoAuthNoPriv: SNMP version 3 with security of a user name and EngineID, but without authentication and privileges.
v3AuthNoPriv: SNMP version 3 with security of a user name, EngineID, and authentication but without privileges.
v3AuthPriv: SNMP version 3 with security of a user name, EngineID, authentication, and privileges.
Ensure the integration is enabled (indicated by a green arrow).
Download the WEKA_HOME-MIB.txt file and apply it in your SNMP system.
Select Save Integration.
In Name, provide a clear and descriptive name for the integration.
In Type, select Syslog.
In Syslog Host, enter the Hostname or IP address of the syslog server
In Syslog Port, specify the Port number (1–65535). Default is 514.
In Protocol, choose a transport protocol:
UDP: Sends plain messages with a newline terminator. Delivers on a best-effort basis. This is the default.
TCP: Uses RFC 5425 octet-counted framing (
{length} {message}). Ensures reliable delivery.TLS: Operates like TCP but with TLS 1.2+ encryption. It verifies the server certificate using the system's CA store. You can provide a custom CA certificate for internal or private CAs. Alternatively, choose Skip TLS Verification to bypass certificate validation. The CA certificate is validated before saving the integration.
Ensure the integration is enabled (indicated by a green arrow).
Select Save Integration.
Syslog technical reference
After configuring the Syslog integration, use the following technical details to ensure your Syslog server or SIEM (such as, Splunk, LogRhythm) can correctly parse the incoming data.
Message format
Local WEKA Home messages follow the RFC 5424 standard:
PRI: Calculated from facility (User = 1) and WEKA severity.
TIMESTAMP: ISO 8601 / RFC 3339 format (example,
2026-03-05T12:39:51Z).HOSTNAME: Node ID (if available), cluster name, or
weka-home.APP-NAME: Always
weka-home.MSGID: The event or alert type (spaces are replaced with underscores).
STRUCTURED-DATA: Key-value pairs in RFC 5424 format:
[params key="value" ...].MESSAGE: The human-readable description of the notification.
Payload contents
The structured data/JSON payload varies by notification type:
Events:
customer_name,event_type,cluster_id,event_fields,severity,weka_home_urlAlerts:
customer_name,alert_type,cluster_id,title,content,action,severity,weka_home_url
Severity mapping
WEKA severity levels are mapped to standard Syslog severity codes:
Critical
CRIT
2
Major
ERR
3
Minor / Warning
WARNING
4
Info
INFO
6
Debug
DEBUG
7
None (default)
NOTICE
5
Connection settings
Connection timeout: 10 seconds for all protocols (UDP, TCP, and TLS).
Create a rule
From the menu, select Manage > Rules.
On the Rules page, select New.
On the Create Rule page, do the following:
Enter a meaningful name for the rule.
Select the event or alert type from Rule Type and set the entity, operator, and condition, for the selected rule type.
Select View integrations and select the required integration (destination) from the list.
Select Save Rule.
A green confirmation message appears for a successful setting.
Examples
Create an event rule that sends all critical events to a predefined email
Create an alert rule that sends all tiering connectivity alerts to a predefined email
Last updated