Blink Ops Destination
Configuring Blink Ops as an alert destination in your Panther Console
The Blink Ops alert destination is in open beta starting with Panther version 1.108, and is available to all customers. Please share any bug reports and feature requests with your Panther support team.
Destinations are integrations that receive alerts from rules, policies, system health notifications, and rule errors. Panther supports configuring Blink Ops as the destination where you will receive alerts.
Blink Ops supports receiving alerts with a maximum payload size of 5 MB. If an alert is larger than 5 MB because of a large alert context, Panther will truncate the alert context.
In the left-hand navigation bar of your Blink Ops console, click Workspace > Automations.
Within your chosen Pack, click New Automation.
In the New automation pop-up modal, under the What do you want to automate? prompt, enter the following text: "Create a blank automation triggered by a Panther alert", then click Generate workflow.
The Blink Copilot will build the automation.
In the bottom-right corner of the resulting automation, click Create.
In the automation editor, click the On Panther Run Webhook trigger.
In the Trigger Setup pop-up modal:
In the Webhook Event Name field, enter a descriptive name for the webhook, e.g., Alert from Panther.
Copy the Webhook URL and Webhook API Key values, and store them in a secure location. You will need them in the next step.
Under Authentication Method, select API Key.
Click Apply.
Make any desired changes to your workflow, then click Publish & Activate.
If you have already published this automation, a pop-up modal will appear. Click Publish.
In the left-hand navigation bar of your Panther Console, click Integrations > Destinations.
Click +Add your first Destination.
If you have already created Destinations, click Create New in the upper right side of the page to add a new Destination.
Click Blink Ops.
Fill out the form:
Display Name: Enter a descriptive name.
Webhook URL: Enter the Webhook URL provided by Blink Ops.
API Key: Enter the Webhook API Key provided by Blink Ops.
Severity: Select the severity level of alerts to send to this Destination.
Alert Types: Select the alert types to send to this Destination.
Log Type: By default, we will send alerts from all log types. Specify log types here if you want to only send alerts from specific log types.
Click Add Destination.
On the final page, optionally click Send Test Alert to test the integration using a test payload. When you are finished, click Finish Setup.
For more information on alert routing order, modifying or deleting destinations, and workflow automation, please see the Panther docs: Destinations.