You can configure Lacework to forward events to PagerDuty using the PagerDuty Events API v2. Lacework requires an Events v2 integration key, and alerts and incidents must be enabled. Integration keys are generated by creating a new service or by creating a new integration for an existing service.
For more details regarding integration keys and their creation, refer to PagerDuty documentation: Events and REST APIs.
After you have your PagerDuty Integration key, return to the Lacework Console and complete the following steps:
- Log in to the Lacework Console with a Lacework user that has administrative privileges.
- Select Settings > Integrations.
- Under OUTGOING, select PagerDuty.
- Click + Add Integration.
- Name the integration.
- Add your integration key.
- Select an alert level; Lacework forwards events that only meet or exceed the chosen threshold.
- Click Save.
You should now start to receive Lacework event notifications in PagerDuty.