This tutorial describes how you can send a webhook from Crowdstike when a detection or incident has happen to iHub and iHub will create an Alert in OpsGenie and inform the one on call.
...
| Expand |
|---|
| title | iHub Cloud Instructions |
|---|
|
Creata an Integration Select Incoming webbook as trigger Add a Action: Webhook action Enter the URL: https://api.opsgenie.com/v2/alerts Method: POST Expand headers and add Key: Authorization and Value: GenieKey {your_key} Click on Variables and add the one below:
 In the body paste in | Code Block |
|---|
| {
"message": "CrowdStrike Incident {{name}}",
"alias": "CrowdStrike Incident",
"description":"ID: {{id}} URL:{{url}}",
"responders":[
{"id":"tt-xx-yy-zz-bb", "type":"team"}
],
"visibleTo":[
{"id":"tt-xx-yy-zz-bb", "type":"team"}
],
"tags": ["CrowdStrike"],
"priority":"P1"
} |
|
| Expand |
|---|
| title | iHub DataCenter instructions |
|---|
|
Goto Outbound integrations Add a new Action Enter the URL: https://api.opsgenie.com/v2/alerts Method: POST Expand headers and add Key: Authorization and Value: GenieKey {your_key} Click on Variables and add the one below:
img In the body paste in | Code Block |
|---|
| {
"message": "CrowdStrike Incident {{name}}",
"alias": "CrowdStrike Incident",
"description":"ID: {{id}} URL:{{url}}",
"responders":[
{"id":"tt-xx-yy-zz-bb", "type":"team"}
],
"visibleTo":[
{"id":"tt-xx-yy-zz-bb", "type":"team"}
],
"tags": ["CrowdStrike"],
"priority":"P1"
} |
Goto Inbound integrations Create a new Rule In the then clause point to the action above
|
...