Integrate Prisma Cloud with PagerDuty

Learn how to integrate Prisma™ Cloud with PagerDuty to see alerts in your service or application.
Integrate Prisma™ Cloud with PagerDuty to aid alerting, on-call scheduling, escalation policies, and incident tracking to increase uptime of your apps, servers, websites, and databases. When integrated, Prisma Cloud sends alerts to the PagerDuty service so that your incident response teams are notified to investigate and remediate the security incidents.
  1. Add a new service in PagerDuty and get the integration key. You have to provide this integration key in Prisma Cloud.
    1. Log in to PagerDuty.
    2. Click
      Configuration
      Services
      and add a
      +New Service
      .
      pagerduty-confg-service.png
    3. Complete the
      Add a Service
      form.
    4. In the
      Integration Settings
      , set the
      Integration Type
      to
      Use our API Directly
      and select
      Events API V2
      .
      pagerduty-integration-settings.png
    5. Afteryou fill out all the details,
      Add Service
      .
    6. Copy and save the
      Integration Key
      .
      You will need to enter this integration key in Prisma Cloudwhen you add this integration.
      pagerduty-integration-key.png
      For more information aboutintegrations with PagerDuty, see PagerDuty Documentation.
  2. Set up PagerDuty as an integration channel on Prisma Cloud.
    1. Log in to Prisma Cloud and select
      Settings
      Integrations
      .
    2. +Add New
      integration.
    3. Set the
      Integration Type
      to
      pagerduty
      .
    4. Enter the
      Integration Key
      of your service on PagerDuty.
    5. Click
      Next
      and then
      Test
      .
      pagerduty-integration-on-prisma-cloud.png
    6. Save
      the integration.
      Prisma Cloud creates a test incident and sends it to your service in PagerDuty. To make sure that this integration is successful, look for the test integration in your PagerDuty Service.
      pagerduty-test-incident.png
  3. Modify an existing alert rule or create a new alert rule to send alert notifications to PagerDuty. (See Send Prisma Cloud Alert Notifications to Third-Party Tools.)
  4. View Prisma Cloud in PagerDuty.
    In PagerDuty, all the open alerts display the Incident State as
    Triggered
    and all the resolved alerts display the Incident State as
    Resolved
    .
    pagerduty-incidents.png

Recommended For You