IBM Resilient connector and action

Serverless Observability Serverless Security Stack

The IBM Resilient connector uses the RESILIENT REST v2 to create IBM Resilient incidents.

Create connectors in Kibana

You can create connectors in Stack Management > Connectors or as needed when you're creating a rule. For example:

Connector configuration

IBM Resilient connectors have the following configuration properties:

API key ID: The authentication key ID for HTTP Basic authentication.
API key secret: The authentication key secret for HTTP Basic authentication.
Organization ID: The IBM Resilient organization ID.
URL: The IBM Resilient instance URL.

Test connectors

You can test connectors as you're creating or editing the connector in Kibana. For example:

IBM Resilient actions have the following configuration properties.

Incident type: The type of the incident.
Severity: The severity of the incident.
Name: A name for the issue, used for searching the contents of the knowledge base.
Description: The details about the incident.
Additional comments: Extra information for the client, such as how to troubleshoot the issue.
Additional fields Stack 9.2.0: An object that contains custom field identifiers and their values. These fields must exist in the IBM Resilient application and must be specified in JSON format.

Connector networking configuration

Use the action configuration settings to customize connector networking configurations, such as proxies, certificates, or TLS settings. You can set configurations that apply to all your connectors or use xpack.actions.customHostSettings to set per-host configurations.