
Opsgenie Rapid7/InsightIDR Integration

Rowell April 6, 2022

We have a requirement to throw the alerts from InsightIDR. Right now they are being sent as email, which is not really helping us.

We are considering leveraging Opsgenie as an alert and notification tool to sit between Rapid7 and JSM, where it could accept the alerts and notify the correct on-calls while maintaining a full integration with JSM.

There is no API integration for Opsgenie and even the integration in Jira is limited only to Story issue types: Create a ServiceNow or JIRA Ticket | InsightIDR Documentation (rapid7.com)

I came across the webhook for InsightIDR Universal Webhook | InsightIDR Documentation (rapid7.com) which I would like to explore if possible (before upgrading our OpsGenie to Standard Plan).

Appreciate any help.

1 answer

0 votes
Nick H
Atlassian Team
April 6, 2022

Hi @Rowell ,

Seems like you could leverage an Email Integration to connect InsightIDR with Opsgenie, and have these emails from InsightIDR create alerts in Opsgenie. Then have Opsgenie sit between Rapid7 and JSM to create issues from these alerts.

Within the JSM integration, you should be able to specify which types of issues are created by the alerts:

[Image: r71.jpg]

The image above is our old integration framework, which is limited to only creating one issue type per integration - so multiple integrations would be needed if you were hoping for more than one.

Having said that, our new integration framework provides more flexibility with the ability to create different issue types depending on the alerts and data being parsed in the payload:

[Images: r72.jpg, r73.jpg]

As for the InsightIDR Universal Webhook, not entirely sure we've come across this in the past with other customers. We do also offer an API integration - which I understand is a bit different - but might be able to integrate with Opsgenie.

Hope that helps. The suggestions above might be limited if you are on the Essentials plan though. But please let us know if you have any other questions.

Rowell April 6, 2022

Thanks for this Nick!

Right now, Email is the only integration we have, like I said, but the emails being thrown by InsightIDR are neither informative nor helpful for alert investigation. They only send a link to Rapid7 for the events for Ops to visit.

I forgot to mention that we have a certain requirement to preset most of the fields, such as Entity and especially Priority, when setting up alerts to help with the routing in Opsgenie. This is not possible through email only, since emails from InsightIDR *cannot* be customized.

The above requirement has brought me to explore Webhooks instead.

Hope this makes sense.
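
The requirement discussed in this thread (preset Entity and Priority on alerts forwarded to Opsgenie) can be sketched as a small translation step between an incoming webhook event and the Opsgenie Alert API. This is an added example, not code from either poster or from Rapid7 or Atlassian. The incoming event field names, the rule names and the preset table are hypothetical, and the US Alert API endpoint is assumed.

```python
import json
import urllib.request

OPSGENIE_ALERTS_URL = "https://api.opsgenie.com/v2/alerts"  # Alert API, US instance assumed

# Hypothetical routing presets: alert rule name -> Opsgenie entity and priority.
PRESETS = {
    "Brute Force Against Domain Account": {"entity": "identity", "priority": "P2"},
    "Malware Detected on Asset": {"entity": "endpoint", "priority": "P1"},
}
DEFAULT_PRESET = {"entity": "unclassified", "priority": "P3"}

# Constructed sample event; these field names are assumptions, not the real webhook schema.
SAMPLE_EVENT = {
    "id": "inv-0001",
    "rule": "Malware Detected on Asset",
    "summary": "Suspicious binary executed on host WS-042",
    "link": "https://insight.example.invalid/investigations/inv-0001",
}

def build_opsgenie_alert(event, presets=PRESETS):
    """Map one webhook event to an Opsgenie create-alert body."""
    rule = str(event.get("rule", "unknown rule"))
    preset = presets.get(rule, DEFAULT_PRESET)  # unknown rules still get routed
    return {
        "message": f"[InsightIDR] {rule}"[:130],  # Opsgenie limits message to 130 chars
        "alias": f"insightidr-{event.get('id', 'no-id')}",  # same alias deduplicates open alerts
        "description": str(event.get("summary", "")),
        "entity": preset["entity"],
        "priority": preset["priority"],
        "source": "InsightIDR",
        "details": {"investigation_link": str(event.get("link", ""))},
    }

def build_request(event, api_key):
    """Prepare (but do not send) the HTTPS request for the Alert API."""
    body = json.dumps(build_opsgenie_alert(event)).encode("utf-8")
    return urllib.request.Request(
        OPSGENIE_ALERTS_URL, data=body, method="POST",
        headers={"Content-Type": "application/json",
                 "Authorization": f"GenieKey {api_key}"},
    )

if __name__ == "__main__":
    print(json.dumps(build_opsgenie_alert(SAMPLE_EVENT), indent=2))
```

Sending the prepared request with `urllib.request.urlopen` requires an API key from an Opsgenie API integration, which should be read from a secret store rather than kept in the script.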
