Skip to main content
Connect your Better Stack account to enable CloudThinker agents to monitor uptime, triage incidents, view on-call schedules, and search logs. Better Stack uses OAuth — you authorize CloudThinker once from inside Better Stack, scoped to the team you choose.

Prerequisites

  • A Better Stack account with access to the team you want to connect.
  • Permission to authorize third-party apps for that team.
OAuth scopes the connection to what your Better Stack user can already see. Connect with the least-privileged user that works.

Setup

1

Open CloudThinker

Navigate to Connections → Better Stack in your CloudThinker workspace.
2

Start the OAuth flow

Click Connect to open Better Stack’s authorization page.
3

Authorize CloudThinker

Sign in, choose the team to connect, and approve access.
4

Return to CloudThinker

You’re redirected back. The connection shows a Connected status.
To switch teams or revoke access, disconnect in CloudThinker and reconnect, or remove the authorization in Better Stack’s app settings.

Connection details

Better Stack uses OAuth — there are no credential fields to store. CloudThinker holds the authorization token issued by Better Stack after you approve access.

Required permissions

CloudThinker inherits the authorizing user’s visibility within the connected team.
  • Read operations (monitors, incidents, on-call, logs, metrics) work with standard member access.
  • Write operations (acknowledging incidents, publishing reports, editing dashboards or alerts) need matching Better Stack permissions and explicit approval in CloudThinker.

Agent capabilities

Once connected, agents have read access to two Better Stack surfaces and approval-gated write access. Uptime Telemetry Write operations (approval-gated)
Writes change live monitoring and incident state. CloudThinker requires explicit approval, naming the resource, before any write runs.

Verify the connection

Example prompts

Log search is scoped per source, so there’s no global search. Name the source (e.g. api-gateway) so the agent can resolve it before querying.

Troubleshooting

The OAuth token expired or access is insufficient. Disconnect and reconnect.
The resource belongs to a different team or was deleted. Re-list it in the connected team to get current IDs.
You’ve hit Better Stack’s rate limit. Agents back off and retry automatically.
Better Stack uses Live Tail syntax. Ask the agent to load the query instructions for the source, then refine.

Security

  • Least privilege — grant only the permissions the agents need for your use case; start read-only and widen later.
  • Read-only by default — use read-only credentials unless you want agents to make changes through this connection.
  • Rotate credentials — rotate keys and tokens on your normal schedule; CloudThinker picks up the new value when you update the connection.
  • Revoke on offboarding — remove the credential at the provider when you delete a connection or a teammate leaves.
  • Least-privilege user — authorize with only the access CloudThinker needs; limit the authorizing user’s team membership to what CloudThinker should see.
  • Revoke when unused — remove the authorization in Better Stack’s app settings if you stop using the connection.
https://mintcdn.com/cloudthinker/aLd-ttc-SCW-aFky/images/icons/datadog.svg?fit=max&auto=format&n=aLd-ttc-SCW-aFky&q=85&s=e8382167f2a1eb1e00971b5f4d703d48

Datadog Connection

Observability and monitoring
https://mintcdn.com/cloudthinker/aLd-ttc-SCW-aFky/images/icons/pagerduty.svg?fit=max&auto=format&n=aLd-ttc-SCW-aFky&q=85&s=cdc34a966d5d46da70c3bc509a2a7492

PagerDuty Connection

Incident alerting and on-call