The Evident Security Platform (ESP) performs continuous AWS security monitoring as a service and can identify and assist you in correcting problems in as little as 5 minutes. ESP for AWS identifies over 100 critical AWS security vulnerabilities across all of your AWS accounts. It can be easily configured to send alerts to PagerDuty, thus allowing you to take advantage of PagerDuty’s comprehensive alerting and incident tracking functionality. The guide below describes how to integrate Evident.io (ESP) with PagerDuty.
If you are creating a new service for your integration, click +Add New Service.
If you are adding your integration to an existing service, click the name of the service you want to add the integration to. Then click the Integrations tab and click the +New Integration button.
If you are creating a new service for your integration, in General Settings, enter a Name for your new service. Then, in Incident Settings, specify the Escalation Policy, Notification Urgency, and Incident Behavior for your new service.
Log in to the Evident.io control panel, go to Integrations, then click the PagerDuty icon.
Paste in the Integration Key you copied from PagerDuty earlier and click Save.
Choose the ESP Alerts that you’d like to send to PagerDuty, then click Save once more.
Next, either trigger a manual report for your team (Control Panel → Teams → Team → Run Report), or wait until the next hour when an automated report is run.
You should now be getting alarms for your selected ESP alerts.
Congratulations – the integration is now complete! Now when an alert fires based on one of your Evident.io signatures and rules, a PagerDuty incident will be triggered.
Yes, when an alert has a fail, warn, or error status, an incident will be created in PagerDuty. If the same alert comes up as a pass on the next report run, the incident will be resolved.
No, at this time the PagerDuty Integration Key is a global setting in ESP, so only a single service can be used.
Yes, all alerts are stored and displayed for users within the ESP UI.