QUESTION

Does Panther support adding custom runbooks to System Errors?

ANSWER

Currently, Panther does not support adding custom runbooks to System Errors. If you are interested in this feature, please contact our Panther Support team to put in a request.

As a workaround, you can configure a webhook alert specifically for the System Errors, that can be linked to an automation tool, which will allow attaching custom runbooks to these alerts.

Here's an example of what a System Error payload sent to a custom webhook destination looks like:

{
  "id": "",
  "createdAt": "2024-10-17T19:30:35.414Z",
  "severity": "CRITICAL",
  "type": "SYSTEM_ERROR",
  "link": "­https://panther-tse.runpanther.net/alerts-and-errors/f3c83746sd?source=webhook",
  "title": "Source [Test s3 bucket] received events recently that we were unable to classify",
  "name": null,
  "alertId": "f3c83746sd",
  "alertContext": {},
  "description": "",
  "runbook": "",
  "tags": [],
  "version": null
}