Workload Security Webhook Example for PagerDuty
Suggest changes
PDFs
Webhooks allow users to send alert notifications to various applications using a customized webhook channel. This page provides an example for setting up webhooks for PagerDuty.
|
This page refers to third-party instructions, which are subject to change. Refer to the PagerDuty documentation for the most up-to-date information. |
PagerDuty Setup:
-
In PagerDuty, navigate to Services > Service Directory and click on the +New Service button.
-
Enter a Name and select Use our API directly. Select Add Service.
-
Select the Integrations tab to see the Integration Key. You will need this key when you create the Workload Security webhook below.
-
Go to Incidents or Services to view Alerts.
Create Workload Security PagerDuty Webhook:
-
Navigate to Admin > Notifications and select the Workload Security Webhooks tab. Select '+ Webhook' to create a new webhook.
-
Give the webhook a meaningful name.
-
In the Template Type dropdown, select PagerDuty Trigger.
-
Create a custom parameter secret named routingKey and set the value to the PagerDuty Integration Key created above.
Notifications via Webhook
-
To notify on events via webhook, navigate to Workload Security > Policies. Select +Attack Policy or +Warning Policy.
-
Enter a meaningful policy name.
-
Select required Attack Type(s), Devices to which the policy should be attached, and the required Actions.
-
Under Webhooks Notifications dropdown, select the required PagerDuty webhooks. Save the policy.
Note: Webhooks can also be attached to existing policies by editing them.
