About the connector
PagerDuty connects to your monitoring systems so that you can collect events, surface what's important, and resolve critical issues to proactively manage your uptime.
This document provides information about the PagerDuty connector, which facilitates automated interactions, with a PagerDuty server using FortiSOAR™ playbooks. Add the PagerDuty connector as a step in FortiSOAR™ playbooks and perform automated operations, such as listing teams, users, and notifications configured in PagerDuty and retrieving user details and notification rules from PagerDuty.
Version information
Connector Version: 2.0.0
FortiSOAR™ Version Tested on: 4.12.1-253
Authored By: Fortinet
Certified: Yes
Release Notes for version 2.0.0
Following enhancements have been made to the PagerDuty Connector in version 2.0.0:
- Added the following new operations:
- Updated the connector configuration parameters to include integration key, service, and escalation policy.
- Updated the following operations:
- Create Incident: Removed the Integration Key and Escalation Policy parameters and added the Incident Key parameter.
- List Notifications: Updated the REST API call for this operation.
Note: The configuration parameters for the PagerDuty Connector in version 2.0.0 is different from the earlier versions, therefore, in this case, the connector configurations of the previous version are unavailable and you require to reconfigure this connector.
Installing the connector
For the procedure to install a connector, click here.
Prerequisites to configuring the connector
- You must have the URL of PagerDuty server to which you will connect and perform the automated operations and the API Key to access that server.
- You must also know your integration (service) key that is used to access the PagerDuty API.
- To access the FortiSOAR™ UI, ensure that port 443 is open through the firewall for the FortiSOAR™ instance.
Configuring the connector
For the procedure to configure a connector, click here.
Configuration parameters
In FortiSOAR™ , on the Connectors page, click the PagerDuty connector row, and in the Configuration tab enter the required configuration details.
| Parameter |
Description |
| Server |
URL of the PagerDuty server to which you will connect and perform the automated operations. |
| API Key |
API key that is configured for your account to access the PagerDuty server. |
| Integration Key |
Integration key (service key) that is used to access the PagerDuty API. |
| Service |
Name of the service in which the you want to create the incident in PagerDuty. |
| Escalation Policy |
Name of the Escalation Policy with which you want to bound the incident created in PagerDuty. |
| Verify SSL |
Specifies whether the SSL certificate for the server is to be verified or not.
Defaults to True. |
Actions supported by the connector
The following automated operations can be included in playbooks, and you can also use the annotations to access operations from FortiSOAR™ release 4.10.0 onwards:
| Function |
Description |
Annotation and Category |
| Get User Details |
Retrieves details for an existing user from your PagerDuty account based on the user ID you have specified. |
get_user_info
Investigation |
| Get User Notification Rules |
Retrieves details for an existing user's notification rule from your PagerDuty account based on the user ID and notification rule ID you have specified. |
get_notification
Investigation |
| List Notifications |
Retrieves a list of notifications configured in your PagerDuty account based on the notification type and date range you have specified. |
get_notification
Investigation |
| List Teams |
Retrieves a list of all teams configured in your PagerDuty account. |
search_team
Investigation |
| List Users |
Retrieves a list of all users configured in your PagerDuty account. |
list_users
Investigation |
| Create Incident |
Creates an incident in your PagerDuty account based on the input parameters you have specified. |
create_incident
Investigation |
| Send Event |
Sends an event from your PagerDuty account as a alert to report a new or ongoing problem. The event is sent based on the input parameters you have specified. |
send_event
Investigation |
| Update Event |
Updates and existing event or alert in your PagerDuty account to report a new or ongoing problem. The event is sent based on the input parameters you have specified. |
update_event
Investigation |
operation: Get User Details
Input parameters
| Parameter |
Description |
| User ID |
ID of the user whose details you want to retrieve from your PagerDuty account. |
Output
The JSON output contains details of the specified user such as ID, notification rules, and email address, retrieved from your PagerDuty account, based on the user ID you have specified.
The output contains the following populated JSON schema:
{
"user": {
"job_title": "",
"time_zone": "",
"email": "",
"contact_methods": [
{
"summary": "",
"type": "",
"id": "",
"self": "",
"html_url": ""
}
],
"notification_rules": [
{
"start_delay_in_minutes": "",
"created_at": "",
"type": "",
"contact_method": {
"summary": "",
"type": "",
"id": "",
"self": "",
"html_url": ""
},
"id": "",
"urgency": ""
}
],
"avatar_url": "",
"description": "",
"summary": "",
"role": "",
"html_url": "",
"name": "",
"teams": [
{
"summary": "",
"type": "",
"id": "",
"self": "",
"html_url": ""
}
],
"type": "",
"invitation_sent": "",
"id": "",
"self": "",
"color": ""
}
}
operation: Get User Notification Rules
Input parameters
| Parameter |
Description |
| User ID |
ID of the user whose notification rules you want to retrieve from your PagerDuty account. |
| Notification Rule ID |
ID of the notification rules for which you want to retrieve details from your PagerDuty account. |
Output
The JSON output contains details of the specified notification rule such as notification rule name and contact methods, retrieved from your PagerDuty account, based on the user ID and notification rule ID you have specified.
The output contains the following populated JSON schema:
{
"notification_rule": {
"start_delay_in_minutes": "",
"summary": "",
"urgency": "",
"html_url": "",
"type": "",
"contact_method": {
"summary": "",
"type": "",
"id": "",
"self": "",
"html_url": ""
},
"id": "",
"self": "",
"created_at": ""
}
}
operation: List Notifications
Input parameters
| Parameter |
Description |
| Notification Type |
Type of notification for which you want to retrieve details from your PagerDuty account.
You can choose from the following options: SMS Notification, Email Notification, Phone Notification, or Push Notification. |
| Since |
Start date and time from when you want to retrieve information about the specified notification type from your PagerDuty account. |
| Until |
End date and time till when you want to retrieve information about the specified notification type from your PagerDuty account. |
Output
The JSON output contains details of the specified notification type such as the address to which the notification is sent and summary of the notification, retrieved from your PagerDuty account, based on the notification type and date range you have specified.
The output contains the following populated JSON schema:
{
"notifications": [
{
"type": "]",
"started_at": "",
"id": "",
"address": "",
"user": {
"summary": "",
"type": "",
"id": "",
"self": "",
"html_url": ""
}
},
{
"type": "",
"started_at": "",
"id": "",
"address": "",
"user": {
"summary": "",
"type": "",
"id": "",
"self": "",
"html_url": ""
}
}
]
}
operation: List Teams
Input parameters
None.
Output
The JSON output contains details such as ID, name, and type, retrieved from the PagerDuty server, of all the teams configured in your PagerDuty account.
The output contains the following populated JSON schema:
{
"teams": [
{
"description": "",
"summary": "",
"html_url": "",
"name": "",
"type": "",
"id": "",
"self": ""
}
]
}
operation: List Users
Input parameters
None.
Output
The JSON output contains details such as ID, summary, and job title, retrieved from the PagerDuty server, of all the users, configured in your PagerDuty account.
The output contains the following populated JSON schema:
{
"users": [
{
"job_title": "",
"time_zone": "",
"email": "",
"contact_methods": [
{
"summary": "",
"type": "",
"id": "",
"self": "",
"html_url": null
}
],
"notification_rules": [
{
"start_delay_in_minutes": "",
"created_at": "",
"type": "",
"contact_method": {
"summary": "",
"type": "",
"id": "",
"self": "",
"html_url": null
},
"id": "",
"urgency": ""
}
],
"avatar_url": "",
"description": "",
"summary": "",
"role": "",
"html_url": "",
"name": "",
"teams": [
{
"summary": "",
"type": "",
"id": "",
"self": "",
"html_url": ""
}
],
"type": "",
"invitation_sent": "",
"id": "",
"self": "",
"color": ""
},
{
"job_title": "",
"time_zone": "",
"email": "",
"contact_methods": [
{
"summary": "",
"type": "",
"id": "",
"self": "",
"html_url": null
}
],
"notification_rules": [
{
"start_delay_in_minutes": "",
"created_at": "",
"type": "",
"contact_method": {
"summary": "",
"type": "",
"id": "",
"self": "",
"html_url": ""
},
"id": "",
"urgency": ""
}
],
"avatar_url": "",
"description": "",
"summary": "",
"role": "",
"html_url": "",
"name": "",
"teams": [
{
"summary": "",
"type": "",
"id": "",
"self": "",
"html_url": ""
}
],
"type": "",
"invitation_sent": "",
"id": "",
"self": "",
&nbsnbsp; "color": ""
}
]
}
operation: Create Incident
Input parameters
| Parameter |
Description |
| From |
Email address of the user who is creating the incident in PagerDuty. |
| Title |
Title of the incident to be created in PagerDuty. |
| Description |
Description of the incident to be created in PagerDuty. |
| Service |
Name of the service under which the incident is to be created in PagerDuty. |
| Priority |
Priority of the incident to be created in PagerDuty. |
| Incident Key |
The Incident Creation API allows you to pass a unique incident key to identify an incident. If you do not provide an incident key, then a unique incident key is generated. |
Output
The JSON output contains details, such as ID, name, priority, and impacted service, of the incident created in your PagerDuty account, based on the input parameters you have specified.
The output contains the following populated JSON schema:
{
"incident": {
"status": "",
"first_trigger_log_entry": {
"summary": "",
"type": "",
"id": "",
"self": "",
"html_url": ""
},
"priority": {
"summary": "",
"type": "",
"id": "",
"self": "",
"html_url": ""
},
"title": "",
"assignments": [
{
"at": "",
"assignee": {
"summary": "",
"type": "",
"id": "",
"self": "",
"html_url": ""
}
}
],
"html_url": "",
"last_status_change_by": {
"summary": "",
"type": "",
"id": "",
"self": "",
"html_url": ""
},
"incident_number": "",
"last_status_change_at": "",
"summary": "",
"urgency": "",
"service": {
"summary": "",
"type": "",
"id": "",
"self": "",
"html_url": ""
},
"incident_key": "",
"type": "",
"teams": [
{
"summary": "",
"type": "",
"id": "",
"self": "",
"html_url": ""
}
],
"id": "",
"self": "",
"created_at": "",
"escalation_policy": {
"summary": "",
"type": "",
"id": "",
"self": "",
"html_url": ""
}
}
}
operation: Send Event
Input parameters
| Parameter |
Description |
| Summary |
Summary of the event, which is used to generate the summaries or titles of any associated alerts. |
| Source |
Unique location of the affected system, preferably a hostname, or FQDN, or the complete link. |
| Severity |
Perceived severity of the status of the event that is being sent with respect to the affected system. You can choose from the following options: Critical, Error, Warning or Info. |
| Timestamp |
(Optional) Datetime at which the emitting tool detected or generated the event. |
| Component |
(Optional) Component of the source machine that is responsible for the event. For example mysql or eth0. |
| Group |
(Optional) Group of the component, i.e., the logical grouping of components of a service. For example app-stack. |
| Class |
(Optional) Class or type of event. |
Output
The output contains the following populated JSON schema:
{
"message": "",
"dedup_key": "",
"status": ""
}
operation: Update Event
Input parameters
| Parameter |
Description |
| Event Action |
Action of the event that is being updated. You can choose from the following options: Trigger, Acknowledge, or Resolve |
| Deduplication Key |
Deduplication key for correlating triggers and resolves. The maximum allowable length of this parameter is 255 characters. |
| Summary |
Summary of the event, which is used to generate the summaries or titles of any associated alerts. |
| Source |
Unique location of the affected system, preferably a hostname, or FQDN, or the complete link. |
| Severity |
Perceived severity of the status of the event that is being updated with respect to the affected system. You can choose from the following options: Critical, Error, Warning or Info. |
| Timestamp |
(Optional) Datetime at which the emitting tool updated the event. |
| Component |
(Optional) Component of the source machine that is responsible for the event. For example mysql or eth0. |
| Group |
(Optional) Group of the component, i.e., the logical grouping of components of a service. For example app-stack. |
| Class |
(Optional) Class or type of event. |
Output
The output contains the following populated JSON schema:
{
"message": "",
"dedup_key": "",
"status": ""
}
Included playbooks
The Sample - PagerDuty - 2.0.0 playbook collection comes bundled with the PagerDuty connector. This playbook contains steps using which you can perform all supported actions. You can see the bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the PagerDuty connector.
- Create Incident
- Get User Details
- Get User Notification Rules
- List Notifications
- List Teams
- List Users
- Send Event
- Update Event
Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection since the sample playbook collection gets deleted during connector upgrade and delete.
