PagerDuty - Send Event for New Incident
This incident response workflow allows you to send events to PagerDuty from a playbook or using an automation rule. When using this workflow in a playbook, the user executes the workflow and an event is sent. When using this workflow with an incident automation rule, the event is sent as soon as the workflow is executed. The workflow will also set the XDR incident's status to Incident Reported.
Description
This incident response workflow allows you to send events to PagerDuty from a playbook or using an automation rule. When using this workflow in a playbook, the user executes the workflow and an event is sent. When using this workflow with an incident automation rule, the event is sent as soon as the workflow is executed. The workflow will also set the XDR incident's status to Incident Reported.
Note: When installing this workflow, be sure you select "PagerDuty - Events API" for the PagerDuty target.
Target: Conure APIs, PagerDuty - Events API, Private Intelligence API
Steps:
- Get the incident summary
- Parse the incident's attributes
- Send an event and fetch the new incident's details
- Update the incident's status to Incident Reported
This workflow requires the following targets to be available before it can be run.
Integration targets
- PagerDuty
- Cisco XDR