The webhook output type sends alerts to a webhook endpoint with an HTTP request. This output type is incredibly powerful when combined with Alert Templates because it allows users to create ad hoc integrations with a number of third-party services. Some common use cases are to ship Alert summaries to Slack, automatically create Jira tickets when high priority Alerts are seen, or even to send Alerts directly to a Splunk Cloud instance.
| Key | Required | Description |
|---|---|---|
type |
yes | The output type. |
enabled |
yes | Enables/disables the output. |
url |
yes | The URL to send the request to. |
headers |
no | The headers to pass along with the request. Defaults to “Content-Type: application/json”. |
method |
no | The HTTP method to use. Defaults to POST. |
timeout |
no | The timeout in seconds. Defaults to 30. |
Example:
alert_output:
outputs:
# Send Alerts to a local web server
- type: webhook
enabled: true
url: http://localhost:8080/alerts
# Send Alerts to an arbitrary service with all settings
- type: webhook
enabled: true
url: https://api.example-company.com/capsule8-alerts
template: "New Capsule8 Alert {{.UUID}}"
timeout: 5
method: PUT
headers:
"Content-Type": "text/plain"
"X-COMPANY-AUTH": "123456"
# Send Alerts to Slack using their webhook JSON format
- type: webhook
enabled: true
url: https://hooks.slack.com/services/123ABC/ab914B12eeigVh2xZ
template: '{"text": "🌶 New Capsule8 Alert {{.PolicyType}} {{.Description}}"}'
Comments
0 comments
Please sign in to leave a comment.