Generic REST API integration with Incident Response

Use REST (REpresentational State Transfer) inbound web services to interact with the Incident Response instance through web service requests. From your custom monitoring tool, use the generic REST API if you want to send an event in a specific format to Incident Response.

Before you begin

Role required: Responder, Manager, or Administrator

Procedure

  1. Log in to Incident Response.
  2. On the navigation pane, click Integrations.
    Figure 1. Integrations landing page
    The Integrations landing page.
  3. Click the Generic Rest API integration card.
  4. On the form, fill in the fields.
    Field Description
    Name Name of the integration.
    Status Status of the integration such as enabled or disabled.
    Note: You can modify this field only after the webhook is generated.
    Description Brief summary about the services of the integration.
    Integration URL URL of the home page of the monitoring tool that sends alerts.
    Tags Tags that can help users search for the integration.
    Service Name of the service that you want to associate with the integration.
  5. Click Generate Webhook.

    A webhook URL is generated.

    A webhook URL is generated.
    Copy the webhook by clicking the copy icon (Copy the webhook URL.) and paste it in a safe place because you will need it when configuring REST API.
  6. Click Save.
  7. Click the Parameters tab.
  8. Fill the details for the parameters, as required.
    Parameters in generic rest api integration.
    To add more parameters, click +Add more parameters. With the details that you entered for each parameter, the sample payload is created.
    Sample payload created for REST API.
    Note: Use the Sample payload tab to view the sample payload. The payload is to verify whether the integration is configured correctly in Incident Response. To test whether an alert is getting generated, click Send sample alert and from the navigation pane on your instance, click Alerts to check if any alert is created. The alert is generated from Incident Response and not from the monitoring tools.