Administration Guide

26.2.0

VictorOps (Splunk On-Call) alert channel

Configure FortiCNAPP to forward alerts to specific VictorOps groups using a VictorOps REST endpoint.

Creating a REST Endpoint

To create a REST endpoint:
  1. In VictorOps, navigate to Integrations > 3rd Party Integrations > REST – Generic.
  2. If the REST endpoint integration is not enabled, click Enable to generate your endpoint destination URL.
  3. (Optional) Customize escalation policies. See Set up an escalation policy in the Splunk documentation for more details.

Before providing the URL to FortiCNAPP, you must replace everything after the final forward slash with the routing key that you want to use for the integration. Alert routing gives you the ability to assign specific types of alerts to specific groups. The final URL must use this form:

https://alert.victorops.com/integrations/...../[routing_key]

For details about creating REST endpoints, see VictorOps: REST Endpoint and VictorOps Routing Keys.

Creating a VictorOps alert channel

To create a VictorOps alert channel:
  1. Log in to the console as a user with administrative privileges.
  2. Go to Settings > Notifications > Channels.
  3. Select + Add new.
  4. Select VictorOps.
  5. Click Next.
  6. Verify that you have created a VictorOps REST endpoint as described in Creating a REST Endpoint.
  7. Name the channel.
  8. Add the VictorOps REST endpoint URL.
  9. Click Save.
  10. Click Alert rules and configure the alert routing options you need, using the alert channel you created.

You should now start to receive FortiCNAPP alert notifications in your chosen VictorOps group.

Creating a FortiCNAPP VictorOps alert channel using Terraform

For organizations that manage their environments with Terraform, FortiCNAPP maintains a Terraform provider that lets you automate alert channel configuration.

For a complete list of custom Terraform resources to manage alert channels in FortiCNAPP, see Manage alert channels with Terraform.

# Configure Victor Ops Alert Channel in Lacework
resource "lacework_alert_channel_victorops" "example" {
  name        = "Victor Ops example"
  webhook_url = "https://alert.victorops.com/integrations/generic/20131114/alert/31e945ee-5cad-44e7-afb0-97c20ea80dd8/database"
}

Additional information on the lacework_alert_channel_victorops resource can be found on the Terraform Registry.
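
The resource above hard-codes the full endpoint URL, whose path includes the integration's key. As an added example (not taken from the FortiCNAPP documentation or the provider's own examples), the following configuration passes the endpoint URL in as a sensitive variable and applies the rule from Creating a REST Endpoint by replacing everything after the final forward slash with the routing key. The variable names, the local value, the resource label, and the channel name are assumptions.

```hcl
# Added example. Variable names, local name and resource label are assumptions.

variable "victorops_endpoint_url" {
  description = "Endpoint destination URL copied from VictorOps (REST - Generic)."
  type        = string
  sensitive   = true # the URL path carries the integration's key

  validation {
    # Must be an HTTPS VictorOps integrations URL with at least one path
    # segment before the final forward slash.
    condition     = can(regex("^https://alert\\.victorops\\.com/integrations/.+/[^/]*$", var.victorops_endpoint_url))
    error_message = "Expected an https://alert.victorops.com/integrations/... endpoint URL."
  }
}

variable "victorops_routing_key" {
  description = "Routing key of the VictorOps group that should receive the alerts."
  type        = string

  validation {
    # A routing key is used as one path segment: no slashes, no whitespace.
    condition     = can(regex("^[^/\\s]+$", var.victorops_routing_key))
    error_message = "The routing key must be a single URL path segment."
  }
}

locals {
  # regex("^.*/", ...) is greedy, so it returns everything up to and including
  # the final forward slash. Whatever followed that slash (a placeholder or an
  # old routing key) is dropped and the chosen routing key is appended.
  victorops_webhook_url = join("", [
    regex("^.*/", var.victorops_endpoint_url),
    var.victorops_routing_key,
  ])
}

resource "lacework_alert_channel_victorops" "oncall" {
  name        = "VictorOps on-call"
  webhook_url = local.victorops_webhook_url
}
```

Supply the endpoint URL through the TF_VAR_victorops_endpoint_url environment variable rather than a committed .tfvars file. The sensitive flag only redacts the value in plan and apply output, so the Terraform state still needs access control.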
