Sysdig is the first cloud-native visibility and security platform to help enterprises operate reliable, secure, containerized cloud-native applications. The platform consists of Sysdig Monitor and Sysdig Secure.
Alerts are used in Sysdig Monitor when Event thresholds have been crossed, and in Sysdig Secure when Policy violations have occurred. When setting up alerts in Sysdig, you can choose to be notified via your existing PagerDuty account by integrating the two applications.
Requirements: You must have a PagerDuty Manager base role or higher (on accounts with Advanced Permissions), or Admin or higher (on accounts with standard User Roles) to use the auto-fetch method of configuring this integration. If you do not have any of the above roles, this guide also includes steps to enter the necessary data in the Sysdig UI manually. If you are not sure what your role is, please visit our section on checking your user role.
1. Log in to Sysdig Monitor or Sysdig Secure as administrator and select Settings.
2. Select Notification Channels, click Add Notification Channel and then select PagerDuty.
3. If your PagerDuty base role is Manager or higher (on accounts with Advanced Permissions), or Admin or higher (on accounts with standard User Roles), click Auto-fetch when prompted. If you do not have any of the above roles, or if you would like to integrate using Global Event Routing, click Manual and skip to step 5.
In the auto-fetch flow, you will be directed to a PagerDuty account authorization screen. You will have the option to authorize via your account credentials, or if your account uses a Single Sign-on Provider, you can use your subdomain. Depending on your authorization method, click Authorize Integration or Sign In Using Your Identity Provider.
4. On the next screen, you will be given two options:
a. Use an integration on an existing service: Select the service that you would like to integrate with Sysdig and click Finish Integration.
b. Create a new service with an integration for Sysdig: If you are creating a new service to integrate with Sysdig, enter a Service name that represents the application, component or team that you wish to open incidents against (examples: “MobileApp”, “Shopping Cart” or “BizOps”). Please note that when an incident is triggered, this is the service name it will be associated with. Select the Escalation policy that you would like to associate with this service and click Finish Integration (this will finish authorization in PagerDuty, but there are further steps to complete in Sysdig below).
5. Once the integration has been authorized, you will be redirected to a screen in Sysdig where your new PagerDuty notification channel will be displayed, with the information auto-filled. Click Save and continue to step 6.
If you chose the Manual option, you will need to enter the following PagerDuty credentials manually:
a. Account Name: Input your PagerDuty account’s subdomain.
c. Service Name: Input the name of the PagerDuty service that you would like to integrate with Sysdig. If you are integrating with Global Event Routing, input “Global Event Routing” as a placeholder name.
d. Channel Name: Enter the same Service Name (above).
Click Save and continue to step 6.
6. To complete the integration, navigate to your alert settings, configure them according to your needs and ensure you’ve selected the option Report to PagerDuty, as this is not automatically set. Then click Create.
Simply repeat the steps for the PagerDuty configuration, only select a different PagerDuty service and point. You can also integrate using a Global Event Routing integration key.
No, resolutions are not transferred between the two applications at this time.
If you have any questions or need any assistance, please contact our support team at firstname.lastname@example.org.