PagerDuty + IDS/NSM

Anyone using PagerDuty to push them interesting Intrusion Detection System/Network Security Monitoring alerts?
Using Bro, Snort, or Suricata, for example?


Samson, did you figure this out? I’m also curious about using PagerDuty for Snort alerts.

I did! It wasn’t too difficult.
I had to use a Python script to achieve it.


Great! Actually, just after I asked the question I realized our Snort logs are ingested by Splunk. So I can just configure alerts in Splunk, which integrates nicely with PagerDuty.

Glad you got it working!


Hah! Nice! That’s awesome!
That’s great you can go that route.