Alert Logic® has released several new ways for customers to send Alert Logic data and notifications to their third-party applications or to generate IT service management tickets automatically. The Connectors feature is now available in the Alert Logic console and can send observations, incidents, and scheduled reports to third-party systems that accept incoming HTTP POST requests. Native support is available for popular third-party ticketing and messaging platforms, including:
- Jira Service Desk
- Microsoft Teams
- PagerDuty
Additionally, universal webhook and email connectors are available to allow customers to build their own webhook or email integration for other third-party applications.
With this new connector capability, you can send data from the Alert Logic console to your ticketing or messaging system to automate and streamline your workflow.
Note: This enhancement is available in both the Alert Logic Managed Detection & Response (MDR) platform and the Alert Logic Cloud Defender™ platform.
Using the New Connectors Capability
The process for connecting your Alert Logic account to a third-party application involves two main steps:
- Creating the connector in the Alert Logic console.
- Subscribing your connector to receive Alert Logic security notifications.
For the natively supported integrations listed above, Alert Logic provides detailed instructions on configuring these integrations via webhook. Guidance for configuring a universal webhook or email connector is also available. All of these instructions are in the Connectors Configuration documentation.
Create and Manage Connectors
These connectors are created and managed on the new Connectors page in the Alert Logic console.
Note: This page replaces the Webhooks page that was previously used to create webhook integrations.
In the MDR platform, this new page is accessed by selecting the navigation menu > Configure > Connectors.
In the Cloud Defender platform, this page is accessed by selecting the Support icon > Connectors.
From this screen, you can view and edit all existing connectors, including any webhooks created prior to this release. To create a new connector, click the Add icon at the top of the page and select the type of webhook to create. The configuration process and fields to complete vary based on the type of connector you are creating.
Tooltips, samples, and additional information are available throughout the configuration process to help you through the configuration steps, and you can test your configuration immediately upon creation.
When creating a connector, three payload types are available:
- Incident – Sends an alert or generates a service ticket when incidents occur that meet specific criteria, such as escalated incidents.
- Observation – Sends an alert or generates a service ticket when Alert Logic observes an occurrence of a configured log correlation.
- Scheduled Report Notification – Sends an alert or generates a service ticket when Alert Logic generates a scheduled report that is available for download.
For full instructions on creating connectors, refer to our Connectors Configuration Guide.
Subscribe Connectors to Notifications
Once a connector is created, tested, and saved, you must subscribe the connector to receive the notification. These notifications are set up directly from the Notifications page. When creating the notification, select Subscribe Connector under Recipients and then select the appropriate connector to subscribe. A sample payload is also displayed to help you confirm that the notification will include the data you want to receive.
Note: By default, the user who is configuring the notification is added to the recipient list. If you do not want to receive a notification via email in addition to receiving it via a webhook, deselect your name from the Subscribe Users list.
For more information on creating notifications and subscribing connectors, refer to our Manage Notifications documentation.