Webhook provide a way for notifications to be delivered to an external web server for configured Plerion Alerts.
Users can add their Webhook configurations into Plerion to receive relevant alerts. A request is sent to the configured Webhook integration whenever a Plerion Alert is created, updated or resolved.

Add a Webhook Integration to Plerion

  1. On the Plerion Dashboard, Click on Settings and click on Integrations.
Tenant Settings
  1. Click the ‘Webhook’ + button.
Outbound
  1. Provide Name, Webhook URL, Secret and Additional Headers(if any) for the integration. Once you have filled the required fields, you can click on Send a Test Message to send a test request to your Web server.
    • Click here to know more about security token.
    • Additional Headers are optional field. These are extra headers that you would like to send along with the request from Plerion.
Test message
  1. Click ‘Add’ to add the Webhook integration.

Secret token and Signature

With the provided secret token, Plerion uses it to create a hash signature with each payload. This hash signature is included with the headers of each request as plerion-signature. A secret can be any alpha-numeric values and special characters upto 32 characters. Plerion uses an HMAC hex digest to compute the hash. The hash signature starts with sha256=, using the key of your secret token and your payload body.

Validating payloads using secret token

To verify that the payload is from Plerion,you can compare HMAC of the payload against the one sent in plerion-signature header. For this you can set the provided secret as an environment variable on your server and perform necessary operations. Please be advised to not code your security token into you app. You can follow the examples below for implementing a signature validation:
TypeScript
   import * as crypto from "crypto";

   const WEBHOOK_SECRET: string = process.env.WEBHOOK_SECRET;

   const verify_signature = (req: Request) => {
   const signature = crypto
      .createHmac("sha256", WEBHOOK_SECRET)
      .update(JSON.stringify(req.body))
      .digest("hex");
   return `sha256=${signature}` === req.headers.get("plerion-signature");
   };

   const handleWebhook = (req: Request, res: Response) => {
   if (!verify_signature(req)) {
      res.status(401).send("Unauthorized");
      return;
   }
   // The rest of your logic here
   };

Payload

Whenever alerts are created, updated, or resolved, Plerion sends alert notifications to your server in the form of individual HTTP POST requests for each respective workflow that includes webhook integration. These requests will have the following format in their body:
JSON
{
   "data": {
      "tenant": "<tenant_name>",
      "integration": "<integration_name>",
      "integrationUrl": "<integration_url>",
      "workflow": "<workflow_name>",
      "workflowUrl": "<workflow_url>",
      "alerts": [
         {
            "id": "<alert-id>",
            "title": "<alert_title>",
            "description": {
               "resource": "<resource_name>",
               "alertUrl": "<plerion_alert_url>",
               "resourceType": "<resource_type>",
               "alertSummary": "<array_alert_summary>",
               "status": "OPEN or RESOLVED"
            },
            "operation": "CREATED, UPDATED or RESOLVED"
         }
      ]
   }
}
  • tenant: Name of the Tenant
  • integration: Name of the Integration
  • integrationUrl: URL for the Integration.
  • workflow: Name of the Workflow
  • workflowUrl: URL for the Workflow.
  • alerts: Array of the alerts that were created/updated/resolved. Properties inside alerts array are described below:
    • id: Contains the unique identifier integer of the Alert
    • title: Contains the title of the Alert
    • resource: Contains name of the resource or N/A if no asset is linked to the alert. [Unavailable if status/operation is RESOLVED]
    • alertUrl: URL to alert on Plerion
    • resourceType: Contains type of the resource for OPEN status. [Unavailable if status/operation is RESOLVED]
    • alertSummary: An array containing summary of the generated Alert. [Unavailable if status/operation is RESOLVED]
    • status: Signifies the status of the alert. Can be OPEN or RESOLVED
    • operation: Signifies the operation of the alert. Can be CREATED or UPDATED or RESOLVED.