Integrate Prisma Cloud with PagerDuty

Learn how to integrate Prisma Cloud with PagerDuty to see alerts in your service or application.
Integrate Prisma Cloud with PagerDuty to aid alerting, on-call scheduling, escalation policies and incident tracking to increase uptime of your apps, servers, websites and databases. When integrated, Prisma Cloud sends alerts to the PagerDuty service so that your incident response teams are notified to investigate and remediate the security incidents.
  1. Add a new service in PagerDuty and get the integration key. You have to provide this integration key in Prisma Cloud.
    1. Log in to PagerDuty.
    2. Click
      Configuration
      Services
      and click
      +New Service
      .
      pagerduty-confg-service.png
    3. Fill the
      Add a Service
      form.
    4. In the
      Integration Settings
      , select the
      Integration Type
      as
      Use our API Directly
      and select
      Events API V2
      .
      pagerduty-integration-settings.png
    5. Click
      Add Service
      after filling out all your details.
    6. Copy the
      Integration Key
      from Integrations and have it handy.
      You will need to give this integration key into Prisma Cloude while adding this integration.
      pagerduty-integration-key.png
      For more information on integrations in PagerDuty, see PagerDuty Documentation.
  2. Set up PagerDuty as an integration channel on Prisma Cloud.
    1. Log in to Prisma Cloud and select
      Settings
      Integrations
      .
    2. Select
      +Add New
      .
    3. Set the
      Integration Type
      as
      pagerduty
      .
    4. Enter the
      Integration Key
      of your Service on PagerDuty.
    5. Click
      Next
      and then click
      Test
      .
      pagerduty-integration-on-prisma-cloud.png
    6. Click
      Save
      to save this integration.
      Prisma Cloud creates a test incident and sends it to your Service in PagerDuty. To make sure that this integration is successful, look for the test integration in your PagerDuty Service.
      pagerduty-test-incident.png
  3. Modify an existing Alert rule, or create a new Alert Rule to send Alert notifications to PagerDuty. See Send Prisma Cloud Alert Notifications to Third-Party Tools.
  4. View Prisma Cloud in PagerDuty.
    In Pagerduty, all the open alerts have the incident state as
    Triggered
    and all the resolved alerts have the incident state as
    Resolved
    .
    pagerduty-incidents.png

Related Documentation