PagerDuty Integration with Splunk

We currently have the PagerDuty add-on installed in our Splunk environment and are successfully (mostly) sending Incidents to PagerDuty. Unfortunately, all Incidents currently show up in PagerDuty with the same title (the name of the Splunk Alert that calls the PagerDuty action).

Is there a way within the Splunk/PagerDuty integration to change the Incident title to match the actual rule notification in the Splunk Notable Event?

Hi Greg,

We have some steps outlined in our integration guide on how to integrate Splunk via Global Event Routing. When using this method, there is an option to extract a field from the payload as the description.

If there is a different field in the payload that would be suitable for the title, then you may want to look into using this method. You can also find our specific Global Event Routing documentation linked here.

Thanks, Jade. I’ll give that a try.

Hi Greg,

We’ll wait to hear back from you!

If you have any further questions or issues, please do not hesitate to reply to this email.

Kind regards,

Hi Greg,

It’s been sometime since we’ve last heard from you.

Is there anything else we can help with at this time?

All the best,

Technical Support Specialist