Configuring security event alerts in Slack and Jira

note

This feature is tech preview. Tech preview features may be subject to significant changes before they become GA.

You can configure Calico Cloud webhooks to post security alerts directly to a Slack channel or to create an issue in your Jira project. By configuring webhooks for security alerts, you can make sure that you receive critical alerts without having to sign in to Manager UI.

Before you begin

Your target application must be configured to receive data from the Calico Cloud webhook.

• Slack. You must have a webhook URL for the Slack app that you want Calico Cloud to send alerts to. See Sending messages using Incoming Webhooks for more information.
• Jira. You must have an API token for an Atlassian user account that has write permissions to your Jira instance. See Manage API tokens for your Atlassian account for details on how to obtain an API token. You also need:
  • Your Atlassian site URL. If you access Jira at the URL https://<your-company>.atlassian.net/jira, then your site URL is <your-company>.atlassian.net.
  • A Jira project key. This is the Jira project where your Calico Cloud webhook creates new issues. This user associated with your API token must have write permissions to this project.
• Generic JSON. You must have a webhook URL for any other application you want the Calico Cloud webhook to send alerts to.

Create a webhook for security event alerts

1. In Manager UI, select Activity > Webhooks, and then click Create your first webhook.
2. Enter a Name for your webhook, select which Event types you want to get alerts for, and, under Type, select whether to configure the webhook for Slack, Jira, or for generic JSON output.
3. Complete the fields for your webhook type and click Create Webhook.