- Overview
- Configuration
PagerDuty
Automate incident management with PagerDuty and ADManager Plus integration
PagerDuty is an incident response platform built to help developers, DevOps, and IT teams by providing them with real-time alerts, escalation policies, and automated workflows. By integrating PagerDuty with ADManager Plus across AD, organizations can automate and streamline incident management while ensuring that only authorized personnel have access to critical incident data and systems. This integration improves security and ensures faster response times by automating incident actions based on user roles and permissions managed within ADManager Plus.
Add incidents
Automate the creation of incident records in PagerDuty when specific user events are detected in ADManager Plus. For instance, unauthorized access attempts or changes in user status can trigger an incident creation, ensuring immediate and appropriate response actions.
Update incidents
Facilitate real-time updates to incident statuses in PagerDuty based on changes within ADManager Plus. If a user's role is updated or they are removed from a critical group, the corresponding incident in PagerDuty can be automatically updated to reflect this change, ensuring that incident records remain accurate and up-to-date.
Configuration Document: Integrating PagerDuty with ADManager Plus
Prerequisites:
PagerDuty uses API Keys to authorize API requests.
Privileges:
- To import users (inbound action): Ensure the account used for authorization has permission to read all user accounts.
- To perform any action or query in PagerDuty (outbound action): Ensure the account used for authorization has permission to perform the desired action.
Authorization configuration
- Log in to ADManager Plus and navigate to the Automation tab.
- In the left pane, under Configuration, click Application Integrations.
- Under Enterprise Applications, click PagerDuty.
- Toggle the Enable PagerDuty Integration button on.
- In the PagerDuty Configuration page, click Authorization.
- Perform the steps to generate the API Keys and API Token in PagerDuty and enter the API Key in the value field.
- Click Configure.
Inbound webhook configuration
Inbound webhook enables you to fetch user data from PagerDuty to ADManager Plus. The attribute mapping configured in this section can be selected as the data source during automation configuration.
To configure an inbound webhook for PagerDuty:
- Under Inbound Webhook, click PagerDuty Endpoint Configuration.
- In the Endpoint Configuration tab, an endpoint, PagerDuty USERS ENDPOINT, comes preconfigured with an Endpoint URL, API Method, Headers, and Parameters fields to fetch user accounts from PagerDuty. If you would like to use this preconfigured endpoint, replace {id} with the domain name of your PagerDuty instance in the Endpoint URL field. However, if you would like to use a new endpoint to import users, you can configure one using the + Add API endpoint button and filling in the required fields as per PagerDuty's API references. Click here to learn how.
- The API key value pair is preconfigured as a header for authenticating API requests as configured during authorization configuration.
- Macros: You can add macros to your endpoint configuration to dynamically change it as per your requirements using the macro chooser component.
- Refer to PagerDuty's API references and configure additional headers and parameters, if required.
- Once done, click Test & Save. A response window will display all the requested parameters that can be fetched using the API call. After verifying if the requested parameters have been called to action, click Proceed.
- Refer to PagerDuty's API references to know the Parameters that must be configured to fetch only specific parameters.
- You can configure multiple endpoints for PagerDuty using the + Add API endpoint button. Click here to learn how.
- Click Data Source - LDAP Attribute Mapping to match endpoints and to map AD LDAP attributes with the respective attributes in PagerDuty.
- Click + Add New Configuration and perform the following:
- Enter the Configuration Name and Description and select the Automation Category from the drop-down menu.
- In the Select Endpoint field, select the desired endpoint and a Primary Key that is unique to a user (e.g. employeeIdentifier). Note: When multiple endpoints are configured, this attribute must hold the same value in all the endpoints.
- In the Attribute Mapping field, select the attribute from the LDAP Attribute Name drop-down menu and map it with the respective column in PagerDuty.
- If you would like to create a new custom format for this, click Add New Format.
- Click Save.
Note:
Note:
Outbound webhook configuration
Outbound webhook enables you to send changes made in AD to PagerDuty, and carry out tasks in PagerDuty—all from ADManager Plus. The webhooks configured in this section can be included in Orchestration Templates, which in turn can be used during event-driven and scheduled automations. They can also be applied directly on desired users to perform a sequence of actions on them (Management > Advanced Management > Orchestration).
To configure outbound webhooks for PagerDuty:
- Under Outbound Webhook, click PagerDuty Webhook Configuration.
- Click + Add Webhook.
- Enter a name and description for this webhook.
- Decide on the action that has to be performed and refer to PagerDuty's API references for the API details such as URL, and the headers, parameters, and other requirements that will be needed.
- Select the HTTP method that will enable you to perform the desired action on the endpoint from the drop-down menu.
- Enter the endpoint URL.
- Configure the Headers, Parameters, and Message Type in the appropriate format based on the API call that you would like to perform.
- Click Test and Save.
- A pop up window will then display a list of AD users and groups to test the configured API call. Select the desired user or group over which this API request has to be tested and click OK. This will make a real time call to the endpoint URL and the selected objects' will be modified as per the configuration.
- The webhook response and request details will then be displayed. Verify them for the expected API behaviour and click Save.