Automate Your Cloud Operations With Humio and Fylamynt

This blog was originally published Dec. 2, 2021 on humio.com. Humio is a CrowdStrike Company.

A new API integration for Humio and Fylamynt helps joint customers improve the efficiency of their cloud operations teams by automating repetitive and manual operations tasks. Fylamynt, a low-code platform that delivers a developer’s approach to ITOps with site reliability engineering (SRE), works with Humio to empower faster response times to critical operational issues, reduce human error and increase productivity so DevOps teams can focus on adding value through innovation.

The two-way integration means that, within the Fylamynt interface, customers can now click to pull in raw logs from Humio that are relevant to a particular issue and needed for detailed analysis and investigation. Fylamynt receives Humio alerts through an API call and can execute common, repetitive tasks such as restarting critical EC2 instances, remediating resource bottlenecks, maintaining resources and sending communications to key stakeholders. This results in faster resolution of issues, as engineers have streaming data at their fingertips through a single interface.

Why automation is essential for cloud operations

Cloud automation reduces operational costs and errors

Cloud automation workflows with Fylamynt and Humio reduce the amount of hands-on effort needed to manage cloud operations. Users can schedule routine processes to run automatically, freeing up operational resources. Fewer manual processes also mean fewer errors, which leads to less time spent diagnosing and debugging issues.

Cloud automation drives innovation

Streamlining and reducing repetitive tasks means developers can focus on improving processes, building new features and solving urgent problems instead of performing routine fixes or daily housekeeping.

Cloud automation helps with timely risk management

Calculating the risk associated with an incident or resource through Fylamynt is also crucial; it helps with first-degree incident triage and containment. It’s also important for an SRE to correctly prioritize incidents based on the associated risk or damage.

The bi-directional integration between Humio and Fylamynt has many potential use cases, but two of the most obvious are, first, to have Humio alerts trigger automated operational tasks in a cloud environment and, second, to have Fylamynt detections enriched with detailed logs pulled from Humio. A summary of these two use cases is covered below:

Humio alert triggers automated Fylamynt cloud operations tasks

Let’s start with a simple example based on Humio identifying potential downtime and Fylamynt responding to the alert by triggering an automated workflow. In this cloud automation scenario, Humio sends an alert on potential downtime related to a critical EC2 instance to Fylamynt.

Once Fylamynt gets the alert, a workflow is triggered, and as part of the first step, Fylamynt generates a Jira ticket to inform the CloudOps team of a high-priority incident regarding this instance.

Example of creating a response workflow in Fylamynt

Fylamynt’s integration with AWS enables it to call any AWS service or perform specific actions (such as providing required or optional inputs) on AWS nodes. In this case, the workflow will try to restart the EC2 instance automatically using the “StartInstances” command on the stopped EC2 instance.

If the EC2 instance is successfully restarted, Fylamynt then sends a Slack message to the CloudOps team informing them that an EC2 instance was started based on a Humio alert.

Example Slack notification generated by Fylamynt

The EC2 instance ID is automatically pulled from a different node dynamically so the whole communication process is automated. Should the EC2 instance restart fail for any reason, a Slack message is sent to the Ops team’s Slack channel alerting them of the failed operation with accompanying incident details for further investigation.
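The alert-to-restart flow described above, written out as an added example (not Fylamynt or Humio code), with two guardrails worth having before an alert is allowed to start instances. The alert fields `alert_name` and `instance_id`, the allowlist and `StubEC2` are assumptions made for illustration; `start_instances(InstanceIds=...)` is the boto3 EC2 client call.

```python
import re

# Assumption: the alert payload shape used here is constructed for this
# example; it is not Humio's or Fylamynt's actual webhook schema.
INSTANCE_ID_RE = re.compile(r"i-(?:[0-9a-f]{8}|[0-9a-f]{17})")


def handle_alert(alert, ec2, allowed_instances):
    """Run the alert -> restart -> notify flow; return the Slack message text.

    `ec2` is any object exposing boto3's EC2 client method
    start_instances(InstanceIds=[...]); `allowed_instances` is the set of
    instance IDs this workflow is permitted to touch.
    """
    instance_id = str(alert.get("instance_id", ""))
    name = alert.get("alert_name", "unknown alert")
    # Guardrail 1: reject anything that is not a well-formed instance ID.
    if not INSTANCE_ID_RE.fullmatch(instance_id):
        return f":x: '{name}': malformed instance ID, no action taken"
    # Guardrail 2: an alert may only restart instances on the allowlist.
    if instance_id not in allowed_instances:
        return f":x: '{name}': {instance_id} is not allowlisted, no action taken"
    try:
        resp = ec2.start_instances(InstanceIds=[instance_id])
        current = resp["StartingInstances"][0]["CurrentState"]["Name"]
    except Exception as exc:  # with boto3 this is typically a ClientError
        return f":warning: '{name}': restart of {instance_id} failed: {exc}"
    return f":white_check_mark: '{name}': {instance_id} started (state: {current})"


class StubEC2:
    """Offline stand-in for boto3.client('ec2'), constructed for this example."""

    def __init__(self, fail=False):
        self.fail = fail
        self.calls = []

    def start_instances(self, InstanceIds):
        self.calls.append(list(InstanceIds))
        if self.fail:
            raise RuntimeError("IncorrectInstanceState")
        return {"StartingInstances": [
            {"InstanceId": InstanceIds[0],
             "CurrentState": {"Name": "pending"},
             "PreviousState": {"Name": "stopped"}}]}


if __name__ == "__main__":
    alert = {"alert_name": "EC2 down", "instance_id": "i-0123456789abcdef0"}  # constructed
    print(handle_alert(alert, StubEC2(), {"i-0123456789abcdef0"}))
```

Pairing the allowlist with an IAM policy that limits the workflow's role to `ec2:StartInstances` on the same instances keeps a forged or misrouted alert from reaching anything else.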

In the Fylamynt Executions dashboard, you can also track when an alert from Humio comes in and a workflow is executed. You can see the progress of each node and the outcome of each node execution.

Summary dashboard of executions in Fylamynt

Automated enrichment of Fylamynt with Humio logs

The second use case involves triggering a Humio search from the Fylamynt interface for a snapshot of logs generated within a certain period for troubleshooting purposes.

This simple-looking action can provide a lot of value when paired with an alert that needs to be enriched. Adding context automatically to an alert and making data-driven decisions will help the responder prioritize tasks and also filter out false positives.

Fylamynt queries a particular Humio repository, retrieves the logs over the relevant time period and stores the logs to an S3 bucket. Developers can customize the search criteria for a specific time period. For example, the picture below features a 15-minute time period on July 30, 2021.

Example of configuring a search trigger in Fylamynt to search Humio for all relevant logs in a 15-minute window

Once the logs are successfully added to the S3 bucket, you can choose to download the logs directly from S3 for any further investigations.

Enabling the Humio and Fylamynt integration

Implementing this integration requires only a few simple configuration steps in both Humio and Fylamynt. The integration is free to use. For details on how to set up the integration, please refer to this article in the Fylamynt documentation library, which includes simple, step-by-step instructions. The Humio documentation library has a corresponding brief explanation here.
