Panther Integration
Learn how to integrate Panther with ilert to automatically forward security alerts and trigger real-time incident notifications via phone, SMS, push, and more.
Panther is a modern security information and event management (SIEM) platform that helps teams detect, investigate, and respond to threats at cloud scale. With the ilert integration, Panther can automatically send alerts to ilert, enabling real-time incident response through multi-channel notifications and on-call scheduling.
In ilert: Create a Panther alert source
Go to Alert sources -> Alert sources and click Create new alert source.
Search for Panther in the search field, click the Panther tile, and then Next.
Give your alert source a name, optionally assign teams, and click Next.
Select an escalation policy by creating a new one or assigning an existing one.
Select your Alert grouping preference and click Continue setup. You may click Do not group alerts for now and change it later.
The next page shows additional settings, such as custom alert templates or notification priority. Click Finish setup for now.
On the final page, an API key and/or webhook URL will be generated. You will need it later.

In Panther: Create an Alert Destination
On the sidebar, click on Configure -> Alert Destinations.

Now select Custom Webhook.

Enter a Display Name.
Enter the alert source URL previously generated in ilert into the Custom Webhook URL field.
Click Add Destination to finish the setup.

Optional: Send a test alert.

FAQ
Will alerts in ilert be resolved automatically?
No, unfortunately Panther is not compatible with ilert's resolve event.