Splunk On-Call / VictorOps

DataDome integrates with Splunk On-Call (formerly VictorOps), and can deliver alerts in your Splunk On-Call dashboard.

Step 1: Create a REST Endpoint integration in Splunk On-Call.

  • Log to your Splunk On call account

  • Go to "Integrations", search for the "REST Generic" integration, and click on REST Generic.

  • Add the "REST Generic" integration and click Enable Integration on the next screen. Copy the URL provided.

📘

You will need to append a routing key. Here it could be "DataDome", so all DataDome events will be routed to the same place.

Step 2: Configure the Splunk On-Call integration into DataDome.

  • Log into your DataDome account and go to "Management", then navigate to "Integrations" and click on the ADD + button.
  • Give the webhook a name, select payload as "Splunk On-Call / VictorOps", enter the webhook URL (see below) into the URL field, and click on Save.
    You can also configure which threats you want to be notified about or select "All threats" to include them all.

  • You can test the webhook to ensure it is correctly configured by clicking on "Test your webhook".

🚧

Request timeout

Please note that a timeout of 5 seconds is applied to the sent requests.

Congratulations! You have successfully integrated DataDome with Splunk On-Call !