Sysdig Documentation

PagerDuty Notifications

To send an alert notification via PagerDuty, you must first set up the PagerDuty notification channel.

Prerequisites

  • Have an account configured at PagerDuty.com.

  • Have your PagerDuty credentials available (account, password and service).

    Note

    With a PagerDuty base user role of Manager, you can auto-fetch the service information during the Sysdig/PagerDuty integration process.

    If your PagerDuty team permissions are Manager but base user permissions are Responder or lower, you can enter the necessary data in the Sysdig UI manually.

    373575535.png

    Base user roles in the PagerDuty UI.

Configure PagerDuty

  1. To launch the process from the Sysdig UI, complete steps 1-3 inSet Up Notification Channels and select PagerDuty.

  2. Select Auto-fetch when prompted (must have base user role of Manager or higher in PagerDuty).

    (If you select Manual, skip to step 5.)The PagerDuty Integration screen is displayed.

    373575562.png

  3. Enter the email and password associated with your PagerDuty account and click Authorize Integration.

    OR

    Enter the appropriate PagerDuty subdomain for single sign-on and Sign In.

  4. A PagerDuty service selection screen is displayed.

    Option 1: If you have never integrated before, you are prompted to choose a PagerDuty Servicename and an Escalation policy:

    373575522.png

    Option 2: If at least one service has already been integrated, you can select that one or create a different service.

    373575542.png

  5. Click Finish Integration.

    Once integration is authorized, the Sysdig page for a new PagerDuty notification channel is displayed, with the information auto-filled.

    373575528.png

  6. Confirm the auto-populated information and click Save.OR

    If you chose Manual entry in Step 2, then type the information and click Save.

You can now Add an Alert to use PagerDuty notifications.

Known Issue

Note

There is a known issue whereby changing a notification from "Acknowledged" to "Unacknowledged" does not update correctly in PagerDuty.

What occurs:

  • Event has triggered Notification, Notification is sent to PagerDuty.

  • Open Event and click on "Acknowledge" button in Sysdig.

  • Notification is sent to PagerDuty, and status is changed to "Acknowledged."

  • Open Event and click on "UnAcknowledge" button in Sysdig.

    5d7f841025edf.png

    Status is not changed in PagerDuty. It remains "Acknowledged" rather than changing to "Triggered" in PagerDuty.