Alerting

How to configure POST request using webhook as an Alert Action?

Builder

Hello,

I am looking to configure POST request using webhook as an Alert action.

Issue is I am not sure how to configure all these details. I am only getting URL options.

alt text

Request Details:

-   URL: http://mule/issuesapi/v2/jiratst/projects/TI/issues
-   Method: POST
-   Credentials as Basic Authentication:
-   Username/Password: ***/***
-   Body

Request1:
{
  "summary": "Test to create TI issue from mule",
  "description": "Mule Testing Jira Api one level of Module",
  "type": "Incident",
  "priority": "3-Medium",
  "reporter": "ag",
  "moduleMapLevels":{"parent":"Common to All Modules"},
  "moduleMapAssets": [{"name":"Rates | IRD"},{"name":"CRD | CRD"}]
}
Labels (1)
0 Karma

SplunkTrust
SplunkTrust

Hi @agoyal,

You can't send custom payload using Webhook alert action, it will by default send below payload (Check $SPLUNK_HOME/vetc/apps/alert_webhook/bin/webhook.py ) which contain Job SID, Search Name, App name, owner, Job Result link and Result.

settings = json.loads(sys.stdin.read())
url = settings['configuration'].get('url')
body = OrderedDict(
    sid=settings.get('sid'),
    search_name=settings.get('search_name'),
    app=settings.get('app'),
    owner=settings.get('owner'),
    results_link=settings.get('results_link'),
    result=settings.get('result')
)
0 Karma

Builder

Thanks @harsmarvania57 : Any idea if there is a way to send custom payload ?

0 Karma

New Member

Hello, @agoyal . I would just like to ask if you were able to have some solutions with your question? Thank you!

0 Karma

Splunk Employee
Splunk Employee
0 Karma

New Member

Hi @harsmarvania57 ,

I am adding a webhook url http://myhosting.com/splunk_alert and I want to get the result from alert payload. I have nodejs api where I am listing to the post request

app.post('/splunk_alert', function(request, response){
  console.log(request.body);      // your JSON
   response.send(request.body);    // echo the result back
});

Am I getting this correct? is this how I can get the result from the request body from the splunk alert?

Thanks,
Nitin

0 Karma

SplunkTrust
SplunkTrust

Not with inbuilt webhook alert action, I’ll suggest you to create your own alert actions based on your requirement.

0 Karma