Notify analysts and SOC teams when Revelstoke observes and responds to the root of an incident.
Below are the step-by-step instructions on how to connect PagerDuty to Revelstoke and manage this integration.

How it Works
Revelstoke ingests alerts if suspicious activity is detected. A new incident in PagerDuty will trigger the creation of an alert in Revelstoke. Revelstoke allows management of the PagerDuty incident workflow.
Requirements
The PagerDuty integration requires an admin role in order to authorize the account. If you are not an admin, please reach out to an admin or account owner within your organization to configure the integration for you.
Support
If you need any help getting the PagerDuty integration up and running, please do not hesitate to reach out to us via email at [email protected]
Integration Walkthrough
In PagerDuty
Integrating With a PagerDuty Service
Revelstoke integrates with PagerDuty as a Custom API. To connect, you must generate an API Key.
- Integrations > API Access Keys > Create new API Key
- Set the custom name. Note: if you select Read-Only, you may not be able to execute all Revelstoke commands
In Revelstoke
1. In your Revelstoke account, navigate to the Integrations page.

3. Select the PagerDuty integration.

4. Enter the following Required Fields:
- Name
- Base URL of API Platform
- API Token
- Results Limit

5. Enter the following Optional Fields if desired:
- Service Name
- Default Alert Category
- Execute On a Schedule
- Enabled
- Product Fields
6. Click Save.
How to Disable
To stop the Revelstoke project from creating triggers in PagerDuty, you will need to disable the PagerDuty integration in Revelstoke.
- Select the Revelstoke project that is configured to trigger PagerDuty incidents.
- Navigate to the Integrations page.
- Under the PagerDuty section click the Pencil icon.
- Uncheck Enabled and then Save to stop creating triggers.
How to Remove
- In your Revelstoke account, navigate to the Integrations page.
- Select the Trash icon.
- Select Yes, delete to remove PagerDuty instance from Revelstoke.

Take the suck out of the SOC
Discover the smarter way to SOAR. See Revelstoke in action today.