PingSentry   |   Discord   |   System32   |   GitHub   |   Free tools

How can I integrate EventSentry with Telegram Messenger?

Article ID: 428
Category: Monitoring
Applies to: 3.1 and later
Updated: 2020-05-14

Telegram Messenger integration can be accomplished with the HTTP action.

Configuring Telegram Messenger

Creating a BOT
Telegram implements a "bot" system to send messages through an API to a specific channel or group. To create a bot, either search your contact list for BotFather or follow this link.

Inside a chat with BotFather, create a new bot with the parameter /newbot. BotFather will then ask for a name for the bot (note: all bot names need to end in "bot"). After the bot is created you will see a token that can be used to access the Telegram HTTP API. Save it in a secure place, you will need this key to configure your EventSentry HTTP action.

Creating a Telegram BOT

Creating a Group
From the Telegram Desktop App, mobile phone or web client select Menu/New Group.

Creating a group

After the group is created, the previously created BOT must be added to it. Tap on menu, add members and search for the bot name that was created earlier.

Add Bot to the Group

Configuring the EventSentry Action

In the management console, right-click on the "Actions" container (or ribbon) and select "Add" (1) from the ribbon. Choose a name (2) and select HTTP (3) as the action type.

Adding an action

EventSentry v4.2 and later includes a template for Telegram, but you can also add it manually. To add it manually use the following settings:
Type: POST/PUTURL (replace [API] with token received earlier): https://api.telegram.org/bot[API]/sendMessageContent Type: application/jsonContent (Data)

1
2
3
4
5
6
7
8
9
10

{
        "chat_id":"-[GROUPID]", 
        "parse_mode":"Markdown", 
        "text":"*Computer:*$EVENTCOMPUTER
        *Log:     *$EVENTLOG
        *Source:  *$EVENTSOURCE
        *Category:*$EVENTCATEGORY
        *Event ID:*$EVENTID
        *Content:*$EVENTMESSAGE"
}

Replacing [GROUPID] with the name of the group that was created. The easiest way to get the group ID is to use Telegram web. Simply click on the group and the URL will show the group id (the numbers immediately following =g are the group ID). Replace [GROUPID] with a hyphen followed by the group ID.

Example group ID

Using this example, the code should be:

1
2
3
4

{
  "chat_id":"-1122334455",
...
}

To send events to a channel instead of a group simply preface the channel name with the @ symbol, for example:

1
2
3
4

{
  "chat_id":"@AcmeAlerts",
...
}

The action configuration should look like this:

Action Configuration

Click TEST to verify that everything is working, you should receive a test message in the selected group or channel shortly:

Test Message

After the action is created & tested successfully, configure one or more event log filters to reference the action.


Support Resources

Knowledge Base Knowledge Base
Documentation Documentation
Screenshot Screencasts
Blog Blog

Contact Support

Phone 1-877-NETIKUS
Email support@netikus.net

Tags

action telegram telegram messenger

Try EventSentry on-premise

FREE 30-day evaluation

Download Now