# Blink Ops Destination

## **Overview**

Destinations are integrations that receive alerts from rules, policies, system health notifications, and rule errors. Panther supports configuring [Blink Ops](https://www.blinkops.com/) as the destination where you will receive alerts.

Blink Ops supports receiving alerts with a maximum payload size of 5 MB. If an alert is greater than 5 MB size due to a large alert context, Panther will truncate the alert context.

## How to set up Blink Ops alert destinations in Panther

### Step 1: Create a Panther trigger in Blink Ops

1. In the left-hand navigation bar of your Blink Ops console, click **Workspace** > **Automations**.\
   ![A navigation bar is shown, and an arrow is drawn from the "Workspace" option to the "Automations" option in its sub-navigation panel.](https://4011785613-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-LgdiSWdyJcXPahGi9Rs-2910905616%2Fuploads%2Fgit-blob-eec83dbb400cc706adc7f0d27436c6124b0d16aa%2Fblinkopsnavbar.png?alt=media)
2. Within your chosen Pack, click **New Automation**.

   <figure><img src="https://4011785613-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-LgdiSWdyJcXPahGi9Rs-2910905616%2Fuploads%2Fgit-blob-e9e239fe0751262d6353cbc668a93c4412452d20%2Fblinkopsautomations.png?alt=media" alt="An &#x22;Automations&#x22; page is shown. Under a header reading &#x22;1 Packs, 5 Automations,&#x22; a &#x22;New Automation&#x22; button is circled."><figcaption></figcaption></figure>
3. In the **New automation** pop-up modal, under the **What do you want to automate?** prompt, enter the following text: `Create a blank automation triggered by a Panther alert`, then click **Generate workflow**.\
   ![Under a "What do you want to automate?" header, "create a blank automation triggered by a Panther alert" is entered into a textbox. Below the textbox is a "Generate workflow" button.](https://4011785613-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-LgdiSWdyJcXPahGi9Rs-2910905616%2Fuploads%2Fgit-blob-6b2b11d0a9b80155cbb35ca2f1aad6671fdba421%2Fblinkopswhatdoyouwant.png?alt=media)
   * The Blink Copilot will build the automation.\
     ![An image of a robot is above the text "Blink Copilot is generating your automation..."](https://4011785613-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-LgdiSWdyJcXPahGi9Rs-2910905616%2Fuploads%2Fgit-blob-22514fd67de81a5df4284a6392cd846c410c1ce9%2Fblinkopscopilot.png?alt=media)
4. In the bottom-right corner of the resulting automation, click **Create**.\
   ![A "New automation" modal shows a prompt textbox alongside a graphical builder. In the bottom-right corner, a "Create" button is circled.](https://4011785613-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-LgdiSWdyJcXPahGi9Rs-2910905616%2Fuploads%2Fgit-blob-4c03de8b35ed7993f2f4dc15cec40b9603a065b9%2Fimage.png?alt=media)
5. In the automation editor, click the `On Panther Run Webhook` trigger.\
   ![A graphical editor shows a circled rectangle reading "On PantherRunWebhook."](https://4011785613-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-LgdiSWdyJcXPahGi9Rs-2910905616%2Fuploads%2Fgit-blob-9c328c9cbbe5dadbee393f58f8243a6ad635e200%2Fblinkopsautomationcanvas.png?alt=media)
6. In the **Trigger Setup** pop-up modal:
   1. In the **Webhook Event Name** field, enter a descriptive name for the webhook, e.g., `Alert from Panther`.
   2. Copy the **Webhook URL** and **Webhook API Key** values, and store them in a secure location. You will need them in the next step.
   3. Under **Authentication Method**, select **API Key**.
   4. Click **Apply**.\
      ![A "Trigger Setup" modal has various fields, including Webhook Event Name, Webhook URL, and Webhook API Key. In the bottom-right corner are "Cancel" and "Apply" buttons.](https://4011785613-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-LgdiSWdyJcXPahGi9Rs-2910905616%2Fuploads%2Fgit-blob-2f3019e5cead9fe55e62d97f662e627862fd9af5%2Fblinkopstriggersetup.png?alt=media)
7. Make any desired changes to your workflow, then click **Publish & Activate**.
   * If you have already published this automation, a pop-up modal will appear. Click **Publish**.\
     ![Under a "Trigger: Event-based" header is a box labeled "On Panther Webhook Event." In the upper-right corner, a button labeled "Publish & Activate" is circled.](https://4011785613-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-LgdiSWdyJcXPahGi9Rs-2910905616%2Fuploads%2Fgit-blob-15de0bc5fa440d383ea610d7663edc36efb45180%2FScreenshot%202024-05-14%20at%2012.17.05%20PM.png?alt=media)

### Step 2: Create the Blink Ops alert destination in Panther

1. In the left-hand navigation bar of your Panther Console, click **Integrations > Destinations**.
2. Click **+Add your first Destination**.
   * If you have already created Destinations, click **Create New** in the upper right side of the page to add a new Destination.
3. Click **Blink Ops**.
4. Fill out the form:
   * **Display Name**: Enter a descriptive name.
   * **Webhook URL:** Enter the **Webhook URL** provided by Blink Ops.
   * **API Key:** Enter the **Webhook API Key** provided by Blink Ops.
   * **Severity**: Select the severity level of alerts to send to this Destination.
   * **Alert Types**: Select the alert types to send to this Destination.
   * **Log Type**: By default, we will send alerts from all log types. Specify log types here if you want to only send alerts from specific log types.
   * **Allow Manual Dispatch**: Set this toggle ON if you'd like to be able to [manually dispatch alerts](https://docs.panther.com/alerts#manual-alert-dispatch) to this destination.\
     ![A "Configure your Blink Ops Destination" page is shown. Various form fields are shown, including Display Name, Webhook URL, API Key, and more.](https://4011785613-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-LgdiSWdyJcXPahGi9Rs-2910905616%2Fuploads%2Fgit-blob-27aafe3ccd9ae9e109f0746ea55d56437fb844b0%2Fimage.png?alt=media)
5. Click **Add Destination**.
6. On the final page, optionally click **Send Test Alert** to test the integration using a test payload. When you are finished, click **Finish Setup**.

## Additional Information on Destinations

For more information on alert routing order, modifying or deleting destinations, and workflow automation, please see the Panther docs: [Destinations](https://docs.panther.com/destinations).


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.panther.com/alerts/destinations/blink-ops.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.