
Introducing PagerDuty Integration for Threat Stack

by Sam Lewis, April 28, 2015


Cue the happy trombone

We love PagerDuty and are big users ourselves. We love the ease of integration with our other platforms. We love the scheduling and overrides. We love the per-service escalation groups. We love the sound of our default alert setting, the sad trombone (Though, the more we think about it, “love” isn’t the right word on that last one. That infernal trombone wakes up our team to let us know there is trouble in the Cloud. We dread that trombone).

Trombone aside, we’re thrilled to announce that Threat Stack now has PagerDuty integration for all of our customers!

For those of you unfamiliar with Threat Stack, here’s a quick explanation of who we are and what we do.  Simply put, Threat Stack continuously monitors your cloud infrastructure to provide your team with host-level process visibility across your entire environment.  Our SaaS platform helps you stay protected from intrusions and data loss, collect audit data to meet compliance regulations, and get notified when anomalous activity and potential threats are identified on your network.

Since we’re collecting our data directly from the kernel, we enable an entirely new depth of monitoring, auditing, and alerting that’s impossible with traditional network and “API log” driven systems. We then take that data and enhance it with environment-specific metadata to give you context around all your system activity and provide you with the clearest possible picture of what’s happening in your environment.

Threat Stack’s Dashboard

PagerDuty + Threat Stack

Threat Stack has integrated with PagerDuty in the best way possible, using PD Connect and the Integration API. This gives you a streamlined workflow for connecting your Threat Stack accounts to your PagerDuty accounts.

Getting started with Threat Stack’s PagerDuty integration is simple: just go to the “Integrations” section of the configuration screen, and click “Alert with PagerDuty”. Once you authorize Threat Stack, we’ll start routing new alerts via PagerDuty right away. You can also select a minimum alert severity so that only higher severity alerts trigger the dreaded sad trombone. When you dismiss the alert from Threat Stack, it will even clear the PagerDuty alert.


Why PagerDuty

We honestly decided to select PagerDuty as our first integration for selfish reasons. We wanted to use it ourselves but soon realized our customers felt the same way. The last thing we want to do is dictate what system you need to use for alerts, so we’re committed to providing you with the most flexibility in how you receive alerts. This ranges from sending PagerDuty notifications only from production systems with a high alert severity level right down to sending a webhook for all alerts, regardless of source or severity.

Our PagerDuty integration is the first in a long list of more flexible alert options we are tackling at Threat Stack. Stay tuned!


Get Started

To integrate PagerDuty with your Threat Stack account, read our configuration and setup guide. If you’d like to sign up for Threat Stack and begin using the PagerDuty integration, check out our free trial.