Microsoft Sentinel Integration

Once configured, Valtix alerts will be sent to Microsoft Sentinel using the defined Alert Service Profile and Alert Rule.

Prerequisites

To send alerts to Microsoft Sentinel, the following must be in place:

  • Create an Azure Log Analytics Workspace
  • Define an Azure Log Table

Create an Alert Profile Service

  1. Navigate to Administration -> Alert Profiles -> Services
  2. Click Create
  3. Name - Enter a unique name for the alert integration. Example: valtix-MSSentinel-profile.
  4. Description (optional) - Enter a description for the alert integration
  5. Type - Using the pulldown, choose Microsoft Sentinel
  6. API Key - Specify the Shared Key created in Azure for the Azure Log Analytics Workspace
  7. Azure Log Table Name - Specify the name of the Azure Log Table defined when creating the Azure Log Analytics Workspace
  8. Azure Log Analytics Workspace ID - Specify the ID of the Azure Log Analytics Workspace
  9. Click Save
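
A way to check the three values from steps 6 to 8 before saving the profile, as an added example that is not Valtix or Microsoft code. It assumes the integration writes through the Azure Monitor HTTP Data Collector API (the page does not name the API Valtix uses); the workspace ID, key and table name `valtix_alerts` are constructed placeholders.

```python
import base64, binascii, hashlib, hmac, json, re
import urllib.request
from email.utils import formatdate

API_PATH = "/api/logs"  # Data Collector API resource path (assumed API, see lead-in)

def build_request(workspace_id, shared_key, log_table, records, date=None):
    """Return (url, headers, body) for one SharedKey-signed POST."""
    # Log-Type accepts only letters, digits and underscore, at most 100 chars.
    if not re.fullmatch(r"[A-Za-z0-9_]{1,100}", log_table):
        raise ValueError("log table name: letters, digits, underscore; max 100 chars")
    try:
        key = base64.b64decode(shared_key, validate=True)
    except binascii.Error as exc:
        raise ValueError("shared key is not valid base64; re-copy it from Azure") from exc
    body = json.dumps(records).encode("utf-8")
    date = date or formatdate(usegmt=True)  # RFC 1123 date, ends in "GMT"
    string_to_sign = (f"POST\n{len(body)}\napplication/json\n"
                      f"x-ms-date:{date}\n{API_PATH}")
    digest = hmac.new(key, string_to_sign.encode("utf-8"), hashlib.sha256).digest()
    headers = {
        "Content-Type": "application/json",
        "Authorization": f"SharedKey {workspace_id}:{base64.b64encode(digest).decode()}",
        "Log-Type": log_table,  # Azure appends _CL to custom log table names
        "x-ms-date": date,
    }
    url = (f"https://{workspace_id}.ods.opinsights.azure.com"
           f"{API_PATH}?api-version=2016-04-01")
    return url, headers, body

def send(url, headers, body):
    """POST the record; raises urllib.error.HTTPError if the workspace rejects it."""
    req = urllib.request.Request(url, data=body, headers=headers, method="POST")
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.status

if __name__ == "__main__":
    # Constructed placeholders: substitute the real workspace ID and Shared Key,
    # then pass the result to send() to post one test record.
    ws = "00000000-0000-0000-0000-000000000000"
    key = base64.b64encode(b"constructed-key-not-a-real-secret").decode()
    url, headers, body = build_request(ws, key, "valtix_alerts",
                                       [{"message": "connectivity test"}])
    print(url)
    print({k: v for k, v in headers.items() if k != "Authorization"})
```

The Shared Key grants write access to the workspace, so read it from a secret store or environment variable rather than hard-coding it in a script.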

Create an Alert Rule

  1. Navigate to Settings -> Alert Profiles -> Alert Rules
  2. Click Create
  3. Profile Name - Enter a unique name for the integration. Example: valtix-MSSentinel-alert-rule.
  4. Description (optional) - Enter a description for the alert rule
  5. Alert Profile - Using the pulldown, choose a Microsoft Sentinel Alert Profile. For example, select the profile created above, valtix-MSSentinel-profile.
  6. Type - Using the pulldown, select either System Logs or Discovery
  7. Sub Type - For Type System Logs, the Sub Type pulldown options are either: Gateway or Account. For Type Discovery, the Sub Type pulldown option is: Insights Rule.
  8. Severity - For Type System Logs, use the pulldown to select a Severity level from the options: Info, Warning, Medium, High, or Critical. For Type Discovery, select a Severity level from the options: Info, Medium, or Critical.
  9. Enabled - Using the checkbox, check to enable this alert profile
  10. Click Save