Incident.io Destination

Configuring incident.io as an alert destination in your Panther Console

Overview

Destinations are integrations that receive alerts from rules, policies, system health notifications, and rule errors. Panther supports configuring incident.io as the destination where you will receive alerts.

How to set up an incident.io alert destination in Panther

Step 1: Create an alert source for Panther in incident.io

Step 2: Configure the incident.io destination in Panther

  1. In the left-hand navigation bar of your Panther Console, click Configure > Alert Destinations.

  2. Click +Add your first Destination.

    • If you have already created Destinations, click Create New in the upper right side of the page to add a new Destination.

  3. Click Incident.io.

  4. On the Configure Your Incident.io Destination page, fill out the form:

    • Display Name: Enter a descriptive name, e.g., incident.io alert destination.

    • Webhook URL: Enter the URL you generated in incident.io in Step 1.

    • API Key: Enter the API key you generated in incident.io in Step 1.

    • Severity Levels: Select the severity level of alerts to send to this destination.

    • Default Alert Types: Select the alert types to send to this destination.

    • Log Types: By default, alerts from all log types are sent. To send alerts only from specific log types, specify them here.

  5. Click Add Destination.

  6. Click Send Test Alert to make sure everything works correctly.

    • You should now see a test alert in your incident.io dashboard.

  7. Click Finish Setup.

Additional Information on Destinations

For more information on alert routing order, modifying or deleting destinations, and workflow automation, please see the Panther docs: Destinations.
