This article describes how to set up a webhook method to forward alerts to any platform that supports a webhook, such as Netcool or ServiceNow.
Note: Requires Su34.5 or higher (including the meshIQ Platform versions 11 and higher) on all server and console platforms.
Setup
The webhook service is enabled at a policy manager level. For example, different policy managers can be used when unique configuration is needed for different applications.
Select a Policy Manager from Enterprise Manager and then click Properties and select the Webhook tab.
Set the required parameters. An example is provided below. In fields where parameterization is permitted, environment variables can be used. Examples of environment variables are shown below and can be found in Table 4-34. AutoPilot System Environment Variables in the AutoPilot M6 Administrator's Guide (or in the meshIQ Platform Core Services Admin and User's Guide, available in the meshIQ Platform Documentation Library).
Enable Webhook | Select the check box to turn on webhook integration. |
Request type | GET, POST, PUT, PATCH, DELETE as defined in the application you are connecting to. |
URL | URL to which to send webhook requests. Can be parameterized. |
Authentication type | Basic,Bearer |
Basic authentication password | |
Basic authentication username | |
Bearer token authentication token | |
Request body type | JSON, XML, PLAIN TEXT, NONE |
Request body content | Can be parameterized. See Example: Request body content for an example. |
Request headers |
Can be parameterized and separated by new lines. Example: HeaderFrom=%from% HeaderRoot=%root% |
Response ok statuses |
examples 200,400,401 (as defined by service) |
Retry on fail count |
Number of times to retry a failed request |
Retry on fail delay |
Number of milliseconds to wait before retrying a failed request |
Skip retry on statuses |
If a response status does not require a retry, list it here. |
SSL key store file path |
Enter the path to the key store file. |
SSL key store password |
|
SSL skip certificates check |
To be used for self signed certificates |
SSL trust store file |
Enter the path to the trust store file. |
SSL trust store password |
|
Example: Request body content
{
"id": %id%,
"domain": "{server.domain}",
"from": "%from%",
"root": "%root%",
"manager": "%manager%",
"policy": "%policy%",
"sev": "%sevstr%",
"event": "%event%"
}
Testing
If setup is correct, sensor events will be send via webhook call using configured parameters when events are generated.
Samples
JSON content
{
"ApplicationID": 123456,
"ClusterKey": "%f0(2)%",
"ComponentArg": "%policy%",
"ComponentID": "%f0(3)%",
"EventTypeID": 314,
"NotificationSetting": "T",
"Severity": "%sevstr%",
"Source": "%from%",
"TicketQueue": "SNOW_GROUP",
"msg": "{sensor.default.email.subject}",
"shortmsg": "{sensor.default.email.subject}"
}
XML content
<?xml version="1.0" encoding="UTF-8" ?>
<root>
<ApplicationID>123456</ApplicationID>
<ClusterKey>%f0(2)%</ClusterKey>
<ComponentArg>%policy%</ComponentArg>
<ComponentID>%f0(3)%</ComponentID>
<EventTypeID>314</EventTypeID>
<NotificationSetting>T</NotificationSetting>
<Severity>%sevstr%</Severity>
<Source>%from%</Source>
<TicketQueue>SNOW_GROUP</TicketQueue>
<msg>{sensor.default.email.subject}</msg>
<shortmsg>{sensor.default.email.subject}</shortmsg>
</root>
Plain text content
ApplicationID 123456
ClusterKey %f0(2)%
ComponentArg %policy%
ComponentID %f0(3)%
EventTypeID 314
NotificationSetting T
Severity %sevstr%
Source %from%
TicketQueue SNOW_GROUP
msg {sensor.default.email.subject}
shortmsg {sensor.default.email.subject}
Testing
Functionality can be tested using Docker's free webhook testing site: https://webhook.site/#!/. Below is an example of a message received on the webhook server:
Troubleshooting
Ensure the event is firing by viewing the Policies log. See How to configure a sensor for alerting
If requested by support, you can add additional logging, adding the following to log42.xml:
<Logger name="com.nastel.nmx.services.webhook" level="debug" additivity="false">
<AppenderRef ref="console"/>
<AppenderRef ref="file"/>
</Logger>