Chapter 3. Integrating with PagerDuty
If you are using PagerDuty, you can forward alerts from Red Hat Advanced Cluster Security for Kubernetes to PagerDuty.
The following steps represent a high-level workflow for integrating Red Hat Advanced Cluster Security for Kubernetes with PagerDuty:
- Add a new API service in PagerDuty and get the integration key.
- Use the integration key to set up notifications in Red Hat Advanced Cluster Security for Kubernetes.
- Identify the policies you want to send notifications for, and update the notification settings for those policies.
3.1. Configuring PagerDuty
Start integrating with PagerDuty by creating a new service and by getting the integration key.
Procedure
- Go to Configuration → Services.
- Select Add Services.
- Under General Settings, specify a Name and Description.
- Under Integration Setting, click Use our API Directly with Events v2 API selected for the Integration Type drop-down menu.
- Under Incident Settings, select an Escalation Policy, and configure notification settings and incident timeouts.
- Accept default settings for Incident Behavior and Alert Grouping, or configure them as required.
- Click Add Service.
- From the Service Details page, make note of the Integration Key.
3.2. Configuring Red Hat Advanced Cluster Security for Kubernetes
Create a new integration in Red Hat Advanced Cluster Security for Kubernetes by using the integration key.
Procedure
- In the RHACS portal, go to Platform Configuration → Integrations.
- Scroll down to the Notifier Integrations section and select PagerDuty.
- Click New Integration (add icon).
- Enter a name for Integration Name.
- Enter the integration key in the PagerDuty integration key field.
- Click Test to validate that the integration with PagerDuty is working.
- Click Create to create the configuration.
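To check the integration key outside the RHACS portal, you can send a test event straight to the PagerDuty Events API v2. The following is an added example, not part of the Red Hat documentation or RHACS code. The environment variable name, the `source` value, and the alphanumeric key check are assumptions.

```python
import json
import os
import re
import urllib.request

EVENTS_V2_URL = "https://events.pagerduty.com/v2/enqueue"
SEVERITIES = {"critical", "error", "warning", "info"}
# Events API v2 routing keys are 32 characters; the alphanumeric check is an assumption.
KEY_RE = re.compile(r"[0-9A-Za-z]{32}")


def build_test_event(routing_key, summary, source="rhacs-integration-check", severity="info"):
    """Return the JSON body for an Events API v2 'trigger' event."""
    if not KEY_RE.fullmatch(routing_key):
        raise ValueError("integration key must be 32 alphanumeric characters")
    if severity not in SEVERITIES:
        raise ValueError(f"severity must be one of {sorted(SEVERITIES)}")
    return {
        "routing_key": routing_key,
        "event_action": "trigger",
        "payload": {"summary": summary[:1024], "source": source, "severity": severity},
    }


def redact(event):
    """Copy of the event that is safe to log: only the key's last 4 characters remain."""
    return {**event, "routing_key": "*" * 28 + event["routing_key"][-4:]}


def send_event(event, timeout=10):
    """POST the event; PagerDuty answers 202 with a dedup_key when it is accepted."""
    req = urllib.request.Request(
        EVENTS_V2_URL,
        data=json.dumps(event).encode(),
        headers={"Content-Type": "application/json"},
        method="POST",
    )
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return resp.status, json.loads(resp.read())


if __name__ == "__main__":
    # Read the key from the environment so it stays out of shell history and source control.
    key = os.environ["PAGERDUTY_INTEGRATION_KEY"]  # hypothetical variable name
    event = build_test_event(key, "Test event: verifying RHACS notifier integration key")
    print("sending:", json.dumps(redact(event)))
    print("response:", send_event(event))
```

A rejected or mistyped key produces an HTTP error from `send_event`, so a failure here points at the key or the PagerDuty service rather than at the RHACS notifier configuration.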
3.3. Configuring policy notifications
Enable alert notifications for system policies.
Procedure
- In the RHACS portal, go to Platform Configuration → Policy Management.
- Select one or more policies for which you want to send alerts.
- Under Bulk actions, select Enable notification.
- In the Enable notification window, select the PagerDuty notifier.
  Note: If you have not configured any other integrations, the system displays a message that no notifiers are configured.
- Click Enable.
- Red Hat Advanced Cluster Security for Kubernetes sends notifications on an opt-in basis. To receive notifications, you must first assign a notifier to the policy.
- Notifications are only sent once for a given alert. If you have assigned a notifier to a policy, you will not receive a notification unless a violation generates a new alert.
Red Hat Advanced Cluster Security for Kubernetes creates a new alert for the following scenarios:
- A policy violation occurs for the first time in a deployment.
- A runtime-phase policy violation occurs in a deployment after you resolved the previous runtime alert for a policy in that deployment.