Threat Stack integration for Splunk On-Call
The following guide walks you through the steps needed to integrate your Threat Stack alerts into the Splunk On-Call timeline.
Requirements
This integration is compatible with the following versions of Splunk On-Call:
Starter
Growth
Enterprise
Splunk On-Call configuration
From the Splunk On-Call web portal, select Settings, Alert Behavior, Integrations.
Select the Threat Stack Integration.
Turn on the integration and copy the service API endpoint to the clipboard.
Threat Stack configuration
From the main Threat Stack screen, select Settings, Integrations. Select the Splunk On-Call integration.
Enter a name and description for the integration, then paste in the URL you copied from Splunk On-Call.
Select the alert severity you want to send to Splunk On-Call.
This completes the integration process.