GitHub Advanced Security Integration

Create alerts in ilert based on code scanning alerts from GitHub.

With the ilert GitHub Advanced Security integration, you can create alerts in ilert based on code scans, secret scans and Dependabot scans from GitHub.

In ilert: Create a GitHub alert source

  1. Go to Alert sources --> Alert sources and click on Create new alert source

  2. Search for GitHub in the search field, click on the GitHub tile and click on Next.

  3. Give your alert source a name, optionally assign teams and click Next.

  4. Select an escalation policy by creating a new one or assigning an existing one.

  5. Select you Alert grouping preference and click Continue setup. You may click Do not group alerts for now and change it later.

  6. The next page show additional settings such as customer alert templates or notification prioritiy. Click on Finish setup for now.

  7. On the final page, an API key and / or webhook URL will be generated that you will need later in this guide

In GitHub: Create a Repository Webhook

  1. Go to your GitHub repository and then to Settings -> Webhooks and click on Add webhook to add a new webhook (<org>/<repo>/settings/hooks)

  1. In the Payload URL section, set the Webhook URL that you generated in ilert

  2. In the Content type section, select application/json

  1. In the Which events would you like to trigger this webhook? section, change it to Let me select individual events and select following events: Check runs, Code scanning alerts, Dependabot alerts, Issues, Secret scanning alert locations, Secret scanning alerts.

  1. Click on Save


Will alerts in ilert be resolved automatically?

Yes, as soon as the Github alert get resolved or closed, the alert in ilert will be resolved automatically.

Can I connect Github with multiple alert sources from ilert?

Yes, simply create more webhooks in Github.

Last updated