PagerDuty + IDS/NSM

nsm
ids
bro
snort
suricata

(Samson H) #1

Is anyone using PagerDuty to push interesting Intrusion Detection System/Network Security Monitoring alerts?
Using Bro, Snort, or Suricata, for example?


(Battle Axe Nelson22) #2

Samson, did you figure this out? I’m also curious about using PagerDuty for Snort alerts.


(Samson H) #3

I did! It wasn’t too difficult.
I had to use a Python script to achieve it.
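
A sketch of what such a script can look like, added here as an example and not the poster's own code: it turns Suricata EVE JSON alert lines into PagerDuty Events API v2 bodies, pages only on higher-priority signatures, and sets a dedup key so repeated hits fold into one incident. The severity mapping, the `source` label, the routing key and the sample lines are assumptions constructed for illustration.

```python
import hashlib
import json
import urllib.request

EVENTS_URL = "https://events.pagerduty.com/v2/enqueue"  # Events API v2
# Suricata alert.severity: 1 is the highest priority. This mapping to
# PagerDuty severities is an assumption; tune it to your rule set.
SEVERITY_MAP = {1: "critical", 2: "error", 3: "warning"}
# Constructed sample eve.json lines (documentation IP ranges, made-up rules).
SAMPLE_EVE = [
    '{"timestamp":"2024-01-01T00:00:00.000000+0000","event_type":"alert","src_ip":"192.0.2.10","dest_ip":"198.51.100.7","dest_port":445,"proto":"TCP","alert":{"signature_id":9000001,"signature":"EXAMPLE constructed rule A","category":"Example Category","severity":1}}',
    '{"timestamp":"2024-01-01T00:00:05.000000+0000","event_type":"alert","src_ip":"192.0.2.11","dest_ip":"198.51.100.7","dest_port":80,"proto":"TCP","alert":{"signature_id":9000002,"signature":"EXAMPLE constructed rule B","category":"Example Category","severity":3}}',
    '{"timestamp":"2024-01-01T00:00:06.000000+0000","event_type":"dns","src_ip":"192.0.2.10","dest_ip":"198.51.100.53"}',
]

def eve_to_pagerduty(line, routing_key, source="suricata-sensor", max_severity=2):
    """Return an Events API v2 body for one EVE line, or None to skip it."""
    try:
        event = json.loads(line)
    except json.JSONDecodeError:
        return None  # partial line, e.g. read while the log is being written
    if not isinstance(event, dict) or event.get("event_type") != "alert":
        return None  # flow, dns, http, ... records never page
    alert = event.get("alert") or {}
    sev = alert.get("severity", 3)
    if sev > max_severity:
        return None  # low-priority signatures stay in the SIEM
    # Same signature and endpoints => same incident, not a page per packet.
    ident = "{}|{}|{}".format(alert.get("signature_id"), event.get("src_ip"), event.get("dest_ip"))
    return {
        "routing_key": routing_key,
        "event_action": "trigger",
        "dedup_key": hashlib.sha256(ident.encode()).hexdigest(),
        "payload": {
            "summary": "{} ({} -> {})".format(alert.get("signature"), event.get("src_ip"), event.get("dest_ip"))[:1024],
            "source": source,
            "severity": SEVERITY_MAP.get(sev, "info"),
            "class": alert.get("category"),
            "custom_details": {"signature_id": alert.get("signature_id"), "proto": event.get("proto"), "dest_port": event.get("dest_port"), "eve_timestamp": event.get("timestamp")},
        },
    }

def send(body):
    """POST one event to PagerDuty; HTTP 202 means it was accepted."""
    req = urllib.request.Request(EVENTS_URL, data=json.dumps(body).encode(),
                                 headers={"Content-Type": "application/json"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.status
```

In use, each new line of `eve.json` goes through `eve_to_pagerduty()` with the integration's routing key, and any non-`None` result is passed to `send()`.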


(Battle Axe Nelson22) #4

Great! Actually, just after I asked the question I realized our Snort logs are ingested by Splunk. So I can just configure alerts in Splunk, which integrates nicely with PagerDuty.

Glad you got it working!


(Samson H) #5

Hah! Nice! That’s awesome!
That’s great you can go that route.

