- 28 Aug 2024
- 3 Minutes to read
- Print
- DarkLight
- PDF
Create Incident - PagerDuty
- Updated on 28 Aug 2024
- 3 Minutes to read
- Print
- DarkLight
- PDF
Create Incident - PagerDuty creates an incident in PagerDuty for the entities retrieved from the saved query supplied as a trigger.
- Not all asset categories are supported for all Enforcement Actions.
- See Actions supported for Activity Logs, Adapters Fetch History, and Asset Investigation modules.
- See Actions supported for Vulnerabilities.
- See Actions supported for Software.
General Settings
- Action name - The name of this Enforcement Action. The system sets a default name. You can change the name.
- Configure Dynamic Values - Toggle on to enter a Dynamic Value statement. See Creating Enforcement Action Dynamic Value Statements to learn more about Dynamic Value statement syntax.
- Use stored credentials from the PagerDuty adapter - Select this option to use the first connected PagerDuty adapter credentials.
- When you select this option, the Select Adapter Connection drop-down is available, and you can choose which adapter connection to use for this Enforcement Action.
- To use this option, you must successfully configure a PagerDuty IT Service Management adapter connection.
- The user name and the password used for the adapter connection must be user with permissions to create new incidents.
Required Fields
These fields must be configured to run the Enforcement Set.
- Title - Specify an incident title.
- Requester Email - The email of the user requesting the incident.
- Service ID - The ID of the service associated with the incident.
- Service Type - The type of service associated with the incident.
- Priority ID - The ID of the priority value.
- Priority Type (required, default: 5) - Specify the incident priority.
Compute Node - The Axonius node to use when connecting to the specified host. For more details, see Connecting Additional Axonius Nodes.
Valid Service and Priority IDs can be attained using these webpages with a valid API token:
It is recommended to use the user token of an administrator to get these IDs.
In PagerDuty, go to User Profile > Account Settings > User Token.
Additional Fields
These fields are optional.
Connection Parameters
If Use stored credentials from the PagerDuty Adapter is disabled, these fields are required:
Host Name or IP Address (required, default: api.pagerduty.com) - The hostname or IP address of the PagerDuty server that Axonius can communicate with via the Required Ports.
Token (required) - An API Key associated with a user account that has the Required Permissions to fetch assets. The API token for this adapter is static and in power of the PagerDuty user
Verify SSL - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.
HTTPS Proxy (optional) - Connect the adapter to a proxy instead of directly connecting it to the domain.
HTTPS Proxy User Name (optional) - The user name to use when connecting to the value supplied in Host Name or IP Address via the value supplied in HTTPS Proxy.
HTTPS Proxy Password (optional) - The password to use when connecting to the server using the HTTPS Proxy.
- Urgency - Select the urgency level from the list.
- Brief Description - Specify an incident description.
- Add default ticket description - Select whether to send the incident description to PagerDuty.
- If enabled, Axonius will include the default incident description (mentioned below) in the PagerDuty incident.
- If disabled, Axonius will not include the default incident description (mentioned below) in the PagerDuty incident.
APIs
Axonius uses the PagerDuty API.
Required Permissions
This action requires incidents.write permission.
For more details about other Enforcement Actions available, see Action Library.