Configuration Guide for PagerDuty Integration

Overview

Threat Stack’s integration with PagerDuty allows customers to easily send alerts generated by Threat Stack policies into PagerDuty to better manage their notifications and to fit in with operations workflow. Dismissing an alert within Threat Stack will automatically resolve the incident in PagerDuty. We’ve utilized PagerDuty Connect to make getting up-and-running as easy as possible.

 

Configuration Integration

Note - you must have an existing Basic, Standard or Enterprise PagerDuty account with API access.


Getting started with integrating Threat Stack and PagerDuty start in the Configuration > Integrations tab in Threat Stack:

 


Clicking the “Alert with PagerDuty” button will begin the integration and take the user to the integration authorization page in PagerDuty:

 


The customer enters their PagerDuty username and password to authorize the integration. Once authorized, the user can choose to create a new service or utilize an existing service:


After finishing the integration, the user is returned to Threat Stack and is able to configure the severity level of alerts sent to PagerDuty, view integration details and send a test trigger:




At this point, the integration is live and any alerts matching the customer’s severity level setting will result in PagerDuty incidents and notifications. When an alert is fired and a user is notified in PagerDuty, we pass along additional details, including a stable URL that can take the user directly to the alert in Threat Stack:


Clicking “Details” reveals more information about the incident. 

 

 

Clicking “View in Threat Stack” will take the user directly to the alert details for further investigation:

 

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.