Panther Integration

Learn how to integrate Panther with ilert to automatically forward security alerts and trigger real-time incident notifications via phone, SMS, push, and more.

Panther is a modern security information and event management (SIEM) platform that helps teams detect, investigate, and respond to threats at cloud scale. With the ilert integration, Panther can automatically send alerts to ilert, enabling real-time incident response through multi-channel notifications and on-call scheduling.

In ilert: Create a Panther alert source

  1. Go to Alert sources -> Alert sources and click Create new alert source.

  2. Search for Panther in the search field, click the Panther tile, and then Next.

  3. Give your alert source a name, optionally assign teams, and click Next.

  4. Select an escalation policy by creating a new one or assigning an existing one.

  5. Select your Alert grouping preference and click Continue setup. You may click Do not group alerts for now and change it later.

  6. The next page shows additional settings, such as customer alert templates or notification priority. Click Finish setup for now.

  7. On the final page, an API key and/or webhook URL will be generated. You will need it later.

In Panther: Create an Alert Destination

  1. On the sidebar, click Configure -> Alert Destinations.

  2. Select Custom Webhook.

  3. Enter a Display Name.

  4. Enter the alert source URL previously generated in ilert into the Custom Webhook URL field.

  5. Click Add Destination to finish the setup.

  6. Optional: Send a test alert.

FAQ

Will alerts in ilert be resolved automatically?

No, unfortunately Panther is not compatible with ilert's resolve event.
