Datto EDR's PagerDuty Integration via Webhooks and APIs

ALERT LEGACY ARTICLE: The content in this article is no longer updated and is available for reference purposes only. Features and workflows described may be deprecated, significantly changed, or no longer supported.

Environment

Datto EDR

Description

Overview

The primary purpose of this document is to provide a walk-thru on configuring Datto EDR and PagerDuty so the Security Alerts generated by Datto EDR can generate events within PagerDuty.

Integrating between Datto EDR and PagerDuty is extremely simple and is accomplished by leveraging a Service created in PagerDuty and a Webhook configured in Datto EDR. The integration between the two platforms leverages:

An Integration with the PagerDuty Service where an API Integration is created (PagerDuty Events API v2)
A defined Webhook with the Datto EDR Platform where the Webhook calls out to the PagerDuty API for Events and sends the alert payload to initiate an event in PagerDuty.

Configuring PagerDuty

1. Create a PagerDuty Service.

2. )Â Configuring the PagerDuty API Integration

Configuring the Datto EDR Webhook

Datto EDR's platform provides a simple mechanism to forward Alerts within Datto EDR to any number of receiving platforms; and in this example, PagerDuty.

Creating a Webhook in Datto EDR

Datto EDR's direct Webhook capability allows the end-user to create the Webhook and fully customize the payload and delivery options for the alert.Â In the example below, the Webhook is created, named as "PagerDuty Event Integration" and is directed at PagerDutyâs API for Events.

The method is "POST."
The url will be "https://events.pagerduty.com/v2/enqueue"
The headers section should contain the content type set to json and the Authorization token from the PagerDuty Service.
content-type=application/json, Authorization=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
The body of the Webhook is then configured based on PagerDuty's API documentation (https://v2.developer.pagerduty.com/docs/events-api-v2).Â

Here's an example:

                    {
"payload": {
"summary": "string",
"timestamp": "{{createdOn}}",
"severity": "critical",
"source": "string",
"component": "string",
"group": "string",
"class": "string",
"custom_details": {}
},
"routing_key": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
"event_action": "trigger",
"dedup_key": "string",
"client": "string",
"client_url": "string",
"links": [
{
"href": "string",
"text": "string"
}
],
"images": [
{
"src": "string",
"href": "string",
"alt": "string"
}
]
}

Once the Webhook is created and saved, any alert that is triggered within the Datto EDR platform will be sent to PagerDuty as an Event into the defined and referenced PageDuty service (with the Integration API key)

	Need troubleshooting help? Open the Kaseya Helpdesk.
	Want to talk about it? Head on over to the Community!
	Have an idea for a new feature? Want to learn about upcoming enhancements? Visit the Ideas forum!
	Provide feedback for the Documentation team.