Documentation forPapertrail

PagerDuty

Introduction

Papertrail can invoke a PagerDuty alert escalation policy, such as to generate text messages.

Read more in a Papertrail blog post.

Papertrail uses the PagerDuty Integration API for this integration.

Setup

Follow the steps in Alerts.

Settings

From PagerDuty's "Services" tab, click "Add New Service." For "Integration Type," choose "Papertrail" from the dropdown menu. See screenshot below.

After adding the new service, click its settings. Obtain its Service key.

On Papertrail's Dashboard, find the Papertrail saved search which will notify this PagerDuty service. Click the Edit icon to edit its settings. Click the "Manage Alerts" tab and provide:

  • Description, such as Pen test attempt. Freeform.
  • Incident key, such as Exploit attempt.

pagerduty-add-service.png

Grouping related alerts

Use %HOST% in the incident key to have Papertrail replace it with the name of the related sender. This permits grouping only alerts from the same sender (typically a system), rather than from all senders. See blog post.