PagerDuty + Orca Security Integration Benefits
- Notify on-call responders based on alerts sent from Orca.
- Create alerts of different severity based on contextual findings from Orca.
- Alerts in PagerDuty will be resolved when Orca observes that the issue in question has been resolved in the respective cloud account.
- Orca Security scans your workloads and cloud configuration constantly and risks identified in either will send an event to a service in PagerDuty.
- Once the issue has been resolved and realized in Orca, a resolve event will be sent to the PagerDuty service to resolve the alert, and associated incident on that service.
- Alerts from Orca Security will trigger a new incident on the corresponding PagerDuty service.
If you encounter any unexpected challenges or problems during the installation or use of this integration, please contact Orca Support at firstname.lastname@example.org.
Integrating With a PagerDuty Service
- Start at PagerDuty. From the Configuration menu, select Services.
- There are two ways to add an integration to a service:
- If you are adding your integration to an existing service: Click the name of the service you want to add the integration to. Then, select the Integrations tab and click the New Integration button.
- If you are creating a new service for your integration: Please read PagerDuty documentation in section Configuring Services and Integrations and follow the steps outlined in the Create a New Service section, selecting Orca Security as the Integration Type in step 4. Continue with the In Orca Security section (below) once you have finished these steps.
- Enter an Integration Name in the format
monitoring-tool-service-name(e.g. orca-security-soc-alerting) and select Orca Security from the Integration Type menu.
- Click the Add Integration button to save your new integration. You will be redirected to the Integrations tab for your service.
- An Integration Key will be generated on this screen. Keep this key saved in a safe place, as it will be used when you configure the integration with Orca Security in the next section. Copy it to your clipboard.
In Orca Security
- Navigate to Settings ( icon) from the main menu on the left.
- Select Integrations from the Settings submenu.
- In the Notifications section, locate the PagerDuty integration and click the Connect button.
Paste your Integration Key (copied from PagerDuty in step #4 above) and click Save.
Note: PagerDuty integration is disabled by default. You must click Enable to start the flow of Orca alerts to PagerDuty.
How to Uninstall
- Navigate to the Orca portal and navigate to the Integrations page (Settings -> Integration).
- Click “CONNECT PAGERDUTY” and delete your Integration Key, click Disable, and click Save.