AMA: JupiterOne and PagerDuty Webhooks


AMA is an ongoing series published each Thursday, highlighting questions the community has asked in our support and how-to channels on Slack. If you haven't already done so, please join us on Slack.


"Any tips/documentation on how to have JupiterOne use PagerDuty? I'm looking for documentation on how to have alerts use PagerDuty webhooks."

--Question from Pete on the J1 Community Slack

 

Answer from the JupiterOne Team

Hi Pete. There are two options to make use of our webhook option to trigger PagerDuty:

You can use J1's webhook trigger to POST to PagerDuty’s incident creation API - this will create a new PagerDuty incident every time the Alert triggers in J1.

If you want to POST new PagerDuty events to update existing incidents (instead of always creating a new incident), you could create a generic PagerDuty integration for PagerDuty’s Events v1 API - this will give you an integration service_key so you can use J1's webhook trigger to POST to PagerDuty’s Send v1 Event API instead.

Support documentation is located in our Guides and Integrations documentation under PagerDuty.
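The two request shapes described in the answer, side by side, as an added example that is not JupiterOne's or PagerDuty's own code. The alert fields (`rule_id`, `rule_name`, `summary`), the `j1-` key prefix, and every credential value are assumptions or placeholders; the endpoints and body fields are PagerDuty's public REST and Events v1 APIs.

```python
import hashlib
import json

# PagerDuty public endpoints. All credentials passed in are placeholders.
INCIDENTS_URL = "https://api.pagerduty.com/incidents"
EVENTS_V1_URL = "https://events.pagerduty.com/generic/2010-04-15/create_event.json"


def incident_request(alert, service_id, api_token, from_email):
    """Option 1: REST incident creation. Every POST opens a new incident."""
    headers = {
        "Authorization": f"Token token={api_token}",
        "From": from_email,  # the REST API requires a valid PagerDuty user email
        "Accept": "application/vnd.pagerduty+json;version=2",
        "Content-Type": "application/json",
    }
    body = {"incident": {
        "type": "incident",
        "title": f"J1 alert: {alert['rule_name']}",
        "service": {"id": service_id, "type": "service_reference"},
        "body": {"type": "incident_body", "details": alert["summary"]},
    }}
    return INCIDENTS_URL, headers, json.dumps(body)


def event_v1_request(alert, service_key):
    """Option 2: Events v1. A stable incident_key makes repeat triggers
    update the open incident instead of creating another one."""
    # Hypothetical key scheme: derive the key from the rule id so the same
    # rule always maps to the same PagerDuty incident.
    digest = hashlib.sha256(alert["rule_id"].encode()).hexdigest()[:16]
    body = {
        "service_key": service_key,  # integration key, scoped to one service
        "event_type": "trigger",
        "incident_key": "j1-" + digest,
        "description": f"J1 alert: {alert['rule_name']}"[:1024],  # v1 length limit
        "client": "JupiterOne",
        "details": {"summary": alert["summary"]},
    }
    return EVENTS_V1_URL, {"Content-Type": "application/json"}, json.dumps(body)


# Constructed sample alert; field names are assumptions, not J1's schema.
SAMPLE_ALERT = {"rule_id": "rule-0001", "rule_name": "Public S3 bucket",
                "summary": "3 buckets allow public read"}
```

The Events v1 route keeps the REST API token out of the webhook configuration: the only secret stored there is the integration `service_key`.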

Articles in this Series

  1. AMA: JupiterOne and PagerDuty WebHooks
  2. AMA: Export YAML Files for Vendors Pulled from SSO Providers
  3. AMA: Map Controls and Frameworks Relationships
  4. AMA: How to Track Professional Associations, Security Forums, and Threat Intel Sources
  5. AMA: Find AWS Instances by their Private IP Address
  6. AMA: SSO Integrated Authentication, Move to Another Role
  7. AMA: send-mail action to map two properties
  8. AMA: Setup the Policy Accept Button
  9. AMA: Match a blank field in J1QL
  10. AMA: Track and Alert Using Firewall Rules Matrix
  11. AMA: AWS Roles not used for 90 days, and date related queries
  12. AMA: Manage Alerts for Jira through J1 Terraform Provider
  13. AMA: Filter Results from Specific AWS Accounts
  14. AMA: Iterate and return total count of iam users per account
  15. AMA: Search for security groups by tag
  16. AMA: Identify S3 Buckets Open to Cross-Account Attacks


Posted By George Tang

I possess extensive senior information security leadership experience from serving hundreds of clients by assessing, designing, and implementing security + enterprise risk management programs. I assess + advise companies (from Fortune 5 to pre-seed startups) on their businesses', products', and environments’ security architectures. Additionally, I own a rare blend of technical subject matter expertise within the cloud technology space across the major hyperscale cloud service providers, i.e., AWS, Azure, GCP, specifically within the infrastructure security domain. Background: information security, cloud security, cyber security, governance/risk/compliance, assessments + advisory, risk management/risk assessment.
