You can configure ZDX to send alerting via webhooks into Teams. As this isn’t publicly documented, I thought I would upload how I got it working in my environment.
Click on the three dots, then go to “Connectors”
Click “”configure” for “Incoming Webhooks”.
Give the webhook a name, then save.
Copy the URL, as we will need it for ZDX.
Go to Administration > Webhooks
Click on “Add New Webhook”.
Then configure the following:
- URL - paste the URL we took from Microsoft Teams “incoming webhook”
- Authentication Type = Token
- Beartoken = enter anything, its not used but needed to save config
Click “Test Webhook” (then go to teams to see if a message has been received), if it works then save it.
When you “Test Webhook”, you should see the following in Teams.
Apply To Alerts:
Go to Alerts > Rules, then for each Alert apply the webhook to that you want to receive a notification about.
Once configured you should start seeing messages being sent to Teams.