Configure the webhook in Icinga2

Configure webhook endpoints so that Icinga2 can use the endpoint to communicate with Incident Response.

Before you begin

Role required: Responder, Manager, or Administrator

About this task

Note: While this integration with a third-party product is supported, the documentation here is based upon information provided by that third-party. More current information about the operation of that third-party’s system may be available from them directly.

Procedure

  1. Log in to your Icinga2 server.
  2. Navigate to the location where you have installed Icinga2.
  3. Place the file webhook_notification_lightstep.conf in the conf.d directory (<install location>/icinga2/conf.d).
    For example, in Linux, the default installation path is /etc/icinga2/conf.d.
  4. Open webhook_notification_lightstep.conf.
  5. On line 2, as the value for the pager property, enter the webhook URL copied from Incident Response.
    Add webhook URL.
  6. Save the changes.
  7. Navigate to the scripts directory in Icinga2.
  8. Place the file lightstep-webhook in the scripts directory (<install location>/icinga2/scripts).
    For example, in Linux, the default installation path is /etc/icinga2/scripts.
  9. Make the script executable.
  10. Open the configuration files for hosts. Add the line vars.enable_lightstep = true to all the hosts for which alerts must be sent to Incident Response.
    Enable host and service.
  11. Open the configuration file for services. Add the line vars.enable_lightstep = true to all the services for which alerts must be sent to Incident Response.
  12. If you want to send alerts for all hosts and all services to Incident Response, add the line vars.enable_lightstep = true to the generic-host and generic-service templates (<install location>/icinga2/conf.d/templates.conf).
    Generic host and service templates.
    Note: You must ensure that generic templates are being used by the host and service objects.
  13. Restart the Icinga2 server.

Results

Alerts triggered in Icinga2 will create alerts in Incident Response.