
(Optional) For Custom Headers, enter up to five comma-separated key-value pairs. For more information, see Example Authorization Header below.
(Optional) If the third-party system requires an Authorization Header, enter it here. Only HTTPS (port 443) and HTTP (port 80) URLs are supported. This is generated from the remote system’s API. (Optional) Enter a Description for the connection. In the Create Connection dialog, enter the Name of the connection. On the Connections page click the + button on the top right of the table. Go to Manage Data > Monitoring > Connections. You can set up any number of connections, depending on your organization's needs. The first step in integrating webhooks with Sumo Logic is to configure one or more connections, which are HTTP endpoints that tell Sumo Logic where to send data. Setting up webhook connections To configure a webhook connection, you must have a Sumo role that grants you the Manage connections capability. In this case, you won’t see any notifications in the app you’ve configured to receive data. If a scheduled search fails or times out, no data will be sent via webhook. Most services with a REST API should allow you to create a connection using the generic webhook. In addition, the payload of a webhook may be restricted by Sumo or the third party. Along with a fully customizable webhook connection, you can quickly create webhooks for:
There is no limit to the number of webhooks you can send from Sumo Logic, but your third party might impose restrictions. In addition to an alert, you can include a link directly to a search and even a few search results (depending on the third party tool you're connecting to). Webhook connections allow you to send Sumo Logic alerts to third-party applications that accept incoming webhooks. For example, once you set up a webhook connection in Sumo Logic and create a scheduled search, you can send an alert from that scheduled search as a post to a Slack channel, or integrate with third-party systems. For more information, see Configure webhook allow list using Splunk Web. A Webhook is an HTTP callback: an HTTP POST that occurs when something happens. The target URL must be on the webhook allow list.
From the Add Actions menu, select Webhook. Enter alert details and configure triggering and throttling as needed. From the Alerts page in the Search and Reporting app, select Edit > Edit actions for an existing alert. Follow one of the options below. From the Search page in the Search and Reporting app, select Save As > Alert. You can configure the webhook action when creating a new alert or editing an existing alert's actions. Set up a webhook when selecting alert actions for an alert.
"sid" : "scheduler_admin_search_W2_at_14232356_132",
Depending on the webhook scenario, you can configure data payload handling on the resource receiving the POST.
First result row from the triggering search results. Search ID or SID for the saved search that triggered the alert. The webhook POST request's JSON data payload includes the following details. For more information, see Configure webhook allow list using Splunk Web in the Splunk Cloud Platform Admin Manual. In Splunk Cloud Platform version 8.2203 and higher, before a triggered alert can send a request to a specified URL, you must add the URL to the webhook allow list. You can test that webhooks are triggering by using a webhooks testing site such as. For example, if you want to post a webhook alert to a Slack room, you must follow Slack's webhook instructions to get the correct URL to use. When you set up a webhook alert, you must get the hook URL from the target source. The webhook passes JSON formatted information about the alert in the body of the POST request. When an alert triggers, the webhook makes an HTTP POST request on the URL. For instance, you can set up a webhook to make an alert message pop up in a chat room or post a notification on a web page. Webhooks allow you to define custom callbacks on a particular web resource.