Incident.io Destination
Configuring incident.io as an alert destination in your Panther Console
The incident.io alert destination is in open beta starting with Panther version 1.108, and is available to all customers. Please share any bug reports and feature requests with your Panther support team.
Destinations are integrations that receive alerts from rules, policies, system health notifications, and rule errors. Panther supports configuring incident.io as the destination where you will receive alerts.
Follow the incident.io Adding Panther as an Alert Source instructions through Step 4.
Copy the provided webhook URL and API key values, and store them in a secure location. You will use them in the next step.
In the left-hand navigation bar of your Panther Console, click Configure > Alert Destinations.
Click +Add your first Destination.
If you have already created Destinations, click Create New in the upper right side of the page to add a new Destination.
Click Incident.io.
On the Configure Your Incident.io Destination page, fill out the form:
Display Name: Enter a descriptive name, e.g., incident.io alert destination.
Webhook URL: Enter the URL you generated in incident.io in Step 1.
API Key: Enter the API key you generated in incident.io in Step 1.
Severity Levels: Select the severity level of alerts to send to this destination.
Default Alert Types: Select the alert types to send to this destination.
Log Types: By default, we will send alerts from all log types. Specify log types here if you want to send alerts only from specific log types.
Click Add Destination.
Click Send Test Alert to make sure everything works correctly.
You should now see a test alert in your incident.io dashboard.
Click Finish Setup.
For more information on alert routing order, modifying or deleting destinations, and workflow automation, please see the Panther docs: Destinations.