Event Sources & Integration
NopeSight provides universal connectivity to your entire monitoring ecosystem. Our platform ingests events from any monitoring tool, normalizes diverse formats, and creates a unified operational view across all your systems.
Supported Event Sources
Enterprise Monitoring Platforms
Nagios & Nagios XI
Integration Method: Webhook & API
Real-time Support: Yes
Bidirectional: Yes
Data Collected:
- Host and service states
- Performance metrics
- Check results and outputs
- Acknowledgments and downtime schedules
- Custom variables and macros
Key Features:
- Automatic severity mapping (OK, Warning, Critical, Unknown)
- Service and host grouping
- Notification suppression during maintenance
- Performance data extraction
- Custom attribute preservation
Zabbix
Integration Method: Webhook & API Polling
Real-time Support: Yes
Bidirectional: Yes
Data Collected:
- Trigger events
- Item values and metrics
- Host information
- Maintenance windows
- Event acknowledgments
Key Features:
- Trigger severity mapping
- Host group correlation
- Maintenance mode awareness
- Macro expansion
- Historical data access
Prometheus & AlertManager
Integration Method: Webhook
Real-time Support: Yes
Bidirectional: No
Data Collected:
- Alert rules and states
- Label sets
- Annotations
- PromQL query results
- Silence periods
Key Features:
- Label-based enrichment
- Multi-dimensional metrics
- Silence synchronization
- Recording rule support
- Grafana dashboard linking
Cloud Platform Monitoring
AWS CloudWatch
Integration Method: EventBridge & API
Real-time Support: Yes
Bidirectional: Limited
Data Collected:
- CloudWatch alarms
- Custom metrics
- Log insights
- X-Ray traces
- AWS service events
Key Features:
- Multi-region support
- Service-specific parsing
- Cost anomaly detection
- Auto-scaling events
- Lambda function metrics
Azure Monitor
Integration Method: Webhook & REST API
Real-time Support: Yes
Bidirectional: Limited
Data Collected:
- Azure alerts
- Metrics and logs
- Activity log events
- Application Insights
- Resource health
Key Features:
- Resource group mapping
- Subscription-level monitoring
- Cost management alerts
- Security Center integration
- Log Analytics queries
Infrastructure & Logs
Syslog
Integration Method: UDP/TCP Receiver
Real-time Support: Yes
Bidirectional: No
Data Collected:
- System logs
- Application logs
- Security events
- Kernel messages
- Custom log streams
Key Features:
- RFC 3164/5424 support
- Facility/severity mapping
- Pattern extraction
- Multi-line log handling
- Source identification
SNMP Traps
Integration Method: Trap Receiver
Real-time Support: Yes
Bidirectional: No
Data Collected:
- Network device alerts
- Environmental sensors
- Hardware status
- Link up/down events
- Custom OID values
Key Features:
- MIB translation
- v1/v2c/v3 support
- Community string mapping
- OID to human-readable conversion
- Trap forwarding
Custom Sources
Integration Method: REST API & Webhooks
Real-time Support: Yes
Bidirectional: Yes
Data Formats:
- JSON (preferred)
- XML
- Plain text
- CSV
- Custom formats with mapping
Key Features:
- Flexible field mapping
- Custom severity definitions
- Timestamp format handling
- Batch event support
- Authentication options
Integration Architecture
Event Normalization
Unified Event Model
Every event, regardless of source, is normalized into our standard format:
| Field | Description | Example |
|---|---|---|
| source | Monitoring tool identifier | "nagios", "zabbix", "prometheus" |
| sourceId | Unique ID from source system | "NAG-12345", "ZBX-67890" |
| severity | Normalized severity level | critical, major, minor, warning, info |
| title | Event summary | "Database Connection Failed" |
| description | Detailed event information | "MySQL connection timeout after 30s" |
| timestamp | Event occurrence time | ISO 8601 format |
| hostname | Affected host | "db-prod-01.example.com" |
| service | Affected service | "mysql", "apache", "redis" |
| category | Event classification | hardware, software, network, security |
Severity Mapping
Each source's severity levels are automatically mapped:
| Source | Critical | Major | Minor | Warning | Info |
|---|---|---|---|---|---|
| Nagios | CRITICAL, DOWN | - | UNKNOWN | WARNING | OK, UP |
| Zabbix | Disaster | High | Average | Warning | Information |
| Prometheus | critical | error | warning | - | info |
| CloudWatch | ALARM | - | INSUFFICIENT_DATA | - | OK |
| Syslog | Emergency, Alert, Critical | Error | - | Warning | Notice, Info, Debug |
Integration Methods
1. Webhook Integration (Recommended)
Fastest and most efficient method for real-time events
Setup Process:
- Generate webhook URL in NopeSight
- Configure source to send events to webhook
- Set authentication token
- Test with sample event
- Enable production flow
Benefits:
- Real-time event delivery (< 1 second)
- No polling overhead
- Automatic retry on failure
- Batch event support
- Lower resource consumption
Security:
- Token-based authentication
- IP whitelisting available
- SSL/TLS encryption required
- Request signing optional
- Rate limiting protection
2. API Polling
For systems that don't support webhooks
Configuration:
- Polling interval: 30 seconds to 5 minutes
- Batch size: Up to 1000 events per poll
- Incremental updates only
- Automatic backfill support
Use Cases:
- Legacy systems
- Firewall restrictions
- Compliance requirements
- Historical data import
3. Protocol Listeners
For standard protocols like Syslog and SNMP
Supported Protocols:
- Syslog (UDP/TCP ports 514, 1514)
- SNMP Traps (UDP port 162)
- MQTT (TCP port 1883)
- Custom TCP/UDP listeners
Features:
- High-performance receivers
- Protocol-specific parsing
- Source identification
- Automatic format detection
Configuration Examples
Nagios Integration
Step 1: Create Integration
NopeSight Console > Event Sources > Add Source > Nagios
Step 2: Configure Nagios Commands
# In Nagios configuration
define command {
command_name notify-nopesight
command_line /usr/local/bin/send_to_nopesight.sh \
"$HOSTNAME$" "$SERVICEDESC$" "$SERVICESTATE$" \
"$SERVICEOUTPUT$" "$TIMET$"
}
Step 3: Apply to Services
define service {
...
event_handler notify-nopesight
}
Prometheus AlertManager
Step 1: Generate Webhook URL
https://events.nopesight.com/webhook/prometheus/{integration-id}
Step 2: Configure AlertManager
receivers:
- name: 'nopesight'
webhook_configs:
- url: 'https://events.nopesight.com/webhook/prometheus/abc123'
send_resolved: true
http_config:
bearer_token: 'your-token-here'
Step 3: Route Alerts
route:
receiver: 'nopesight'
group_by: ['alertname', 'cluster', 'service']
group_wait: 10s
group_interval: 10s
repeat_interval: 12h
Custom API Integration
Endpoint:
POST https://api.nopesight.com/events/ingest
Headers:
Authorization: Bearer {api-token}
Content-Type: application/json
Payload Example:
{
"source": "custom",
"sourceId": "APP-001",
"severity": "major",
"title": "Payment Service Error",
"description": "Failed to process payment transaction",
"timestamp": "2024-01-15T10:30:00Z",
"hostname": "payment-app-01",
"service": "payment-gateway",
"details": {
"error_code": "PG-500",
"transaction_id": "TXN-12345",
"customer_impact": "high"
}
}
Advanced Features
Event Enrichment
Events are automatically enriched with:
CMDB Context:
- Configuration item details
- Business service mapping
- Owner and team information
- Location and environment
- Dependencies and relationships
Historical Context:
- Previous occurrences
- Resolution history
- Related changes
- Similar patterns
- Baseline comparisons
Filtering & Routing
Pre-Processing Filters:
- Severity-based filtering
- Source-specific rules
- Time-based suppression
- Duplicate detection
- Maintenance mode handling
Smart Routing:
- Team-based assignment
- Service ownership
- Skill-based routing
- Follow-the-sun support
- Escalation paths
Bulk Operations
Batch Event Ingestion:
- Up to 1000 events per request
- Transactional processing
- Partial success handling
- Error reporting
- Retry mechanisms
Historical Import:
- CSV/JSON file upload
- Date range selection
- Incremental loading
- Duplicate handling
- Progress tracking
Performance & Limits
Ingestion Rates
| Tier | Events/Minute | Burst Capacity | Retention |
|---|---|---|---|
| Standard | 1,000 | 5,000 | 90 days |
| Professional | 10,000 | 50,000 | 180 days |
| Enterprise | 100,000 | 500,000 | 365 days |
| Custom | Unlimited | Unlimited | Configurable |
API Rate Limits
| Operation | Limit | Window |
|---|---|---|
| Single Event | 100 req/min | Sliding |
| Bulk Events | 10 req/min | Sliding |
| Webhook | 1000 req/min | Sliding |
| Query API | 60 req/min | Sliding |
Processing Guarantees
- At-least-once delivery - Events never lost
- Order preservation - Within same source
- Idempotency - Duplicate prevention
- Retry logic - Automatic failure handling
- Dead letter queue - Failed event recovery
Security & Compliance
Authentication Methods
-
API Tokens
- Bearer token authentication
- Scoped permissions
- Rotation support
- Audit logging
-
OAuth 2.0
- Standard flow support
- Service accounts
- Token refresh
- SSO integration
-
Mutual TLS
- Certificate-based auth
- Client verification
- Chain validation
- Revocation checking
Data Security
- Encryption in Transit: TLS 1.2+ required
- Encryption at Rest: AES-256 encryption
- Data Residency: Regional storage options
- PII Handling: Automatic detection and masking
- Audit Trail: Complete event lineage
Compliance Features
- GDPR: Data retention and deletion
- HIPAA: PHI handling and encryption
- SOC 2: Security controls and monitoring
- PCI DSS: Cardholder data protection
- ISO 27001: Information security management
Troubleshooting
Common Integration Issues
Events Not Arriving:
- Verify webhook URL is correct
- Check authentication credentials
- Confirm network connectivity
- Review firewall rules
- Check source system logs
Incorrect Severity Mapping:
- Review severity mapping configuration
- Check source-specific overrides
- Verify normalization rules
- Update mapping if needed
Missing Fields:
- Confirm source sends all data
- Check field mapping rules
- Review enrichment configuration
- Enable debug logging
High Latency:
- Check network path
- Review batch sizes
- Optimize polling intervals
- Consider webhook migration
Validation Tools
Test Event Submission:
curl -X POST https://api.nopesight.com/events/test \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{"source":"test","severity":"info","title":"Test Event"}'
Verify Integration:
- Integration health dashboard
- Test event generator
- Connection validator
- Format checker
- Performance monitor
Best Practices
1. Start Simple
- Begin with one critical source
- Validate normalization
- Test correlation
- Expand gradually
2. Use Webhooks When Possible
- Lower latency
- Reduced overhead
- Better reliability
- Real-time processing
3. Implement Filtering Early
- Reduce noise at source
- Filter maintenance events
- Suppress duplicates
- Focus on actionable alerts
4. Monitor Integration Health
- Track ingestion rates
- Watch error rates
- Monitor latency
- Review dropped events
5. Plan for Growth
- Design for scale
- Implement batching
- Use async processing
- Archive old events
Next Steps
- 📖 Event Correlation - Group related events
- 📖 AI Analysis - Add intelligence to events
- 📖 Notification Channels - Route alerts effectively