Skip to main content
All CollectionsAlerts and notifications
Getting started with webhooks
Getting started with webhooks

Automate your workflows

J
Written by Josh Peters
Updated this week

The UXI Dashboard can send information to a third-party service via webhooks. Currently, there are pre-defined webhooks for either Slack, Teams, ServiceNow, or there is a generic webhook that can optionally use HTTP Basic auth and send the messages in a pre-defined JSON format.

The content of the webhook message depends on whether your dashboard is using Incident Detection. Incident detection examines issues based on your historical data to identify anomalies and group issues together. Without Incident Detection, webhooks notify you regarding all issues detected for every sensor. With Incident Detection enabled, instead of being notified about every issue, you are only notified about each Incident when the incident is first detected and when it is resolved. Please note that incidents can evolve and more issues may be added to the incident after it is first detected, but no subsequent updates will be sent.

If you want more granular data than the data provided by webhooks, please see the Data Push Destinations feature using the Issue data.

Adding Webhooks

Webhook 1: Generic

Before you begin with the generic webhook, ensure the system you want to use is reachable from our UXI cloud. The following UXI IP addresses should be allowed to communicate with the destination.

  • 54.190.18.21

  • 52.88.224.46

  • 54.71.247.190

  • 34.210.97.95

To set up the webhook from the dashboard, go to Settings -> Integrations and select the Add webhook button.

  • Change the target to Generic.

  • Paste the webhook URL in the URL input field

  • Select an Authentication method - None or Basic Auth

    • Bearer Token authentication - If the destination allows for it to be specified in the URL as a query parameter you can specify it in the URL. This wouldn’t work if the destination only allows for it to be part of the header.

  • Click on Add.

Your webhook should be visible in your webhook list and will be triggered once an issue or incident is detected depending on whether Incident Detection is enabled.


Below is an example of the body of the request to the webhook URL for dashboards without incident detection enabled.

{
'details': ' Sensor: *Sensor1* Network: *YourSSIDName* Service: *Gmail*',
'notification_reference': 5649,
'description': 'External service is unavailable',
'severity': 'error',
'status': 'ALARM',
'start_timestamp': 1590395448
}

Below is an example of the body of the request to the webhook URL for dashboards with incident detection enabled.

{
   "description":"*New incident detected*",
   "details":"New incident detected\n'Incident JUL/2024-026'\n3 sensors affected\n\nIssues:\nGATEWAY_UNREACHABLE\nNetworks affected:\n• uxi_psk\nGroups affected:\n• Group1\n• Group2\n• Group3\n\nIncident began: 2024-07-15 06:45:31.105569+00:00\n",
   "notification_reference":"cd5c2826-0f0e-4bd1-ba64-b0a02f040842",
   "severity":"error",
   "status":"ALARM",
   "start_timestamp":1721025931.105569
}

Webhook 2: Microsoft Teams Incoming Webhook

Caution: According to Microsoft, they would deprecate Office 365 connectors in MS Teams, including Incoming webhooks from Aug 15th, 2024.

In Microsoft Teams, you can create a new channel or use the existing channel to receive alerts from the UXI dashboard.

You can refer to this documentation to create an incoming webhook on the MS Teams channel:
https://learn.microsoft.com/en-us/microsoftteams/platform/webhooks-and-connectors/how-to/add-incoming-webhook?tabs=newteams%2Cdotnet

Navigate to Manage Channel > Settings > Connectors > Add "Incoming Webhook"

Provide Name, upload an image(optional), and then copy the URL

A screenshot of a computer Description automatically generated

Navigate to UXI dashboard, Settings > Integrations > Add Webhook > Select "Microsoft Teams" > Paste the URL > Keep the authentication to "None" > Enabled > Submit.

Once you have incidents on the dashboard, you should able to receive the webhook messages in the Teams Channel. You can validate it by checking the incident panel on the top right side of the UXI dashboard.

Note: MS Teams does not let you create a username-password for the webhook.

This MS Teams webhook should work for incident and non-incident detection enabled customers meaning if you have incident detection enabled you should get incidents as alerts and if you don't then you should get issues as alerts.

Webhook 3: Slack

In order to add a slack webhook, you need to create a slack application. 

  1. Follow the instructions for Slack incoming webhooks here

  2. Copy the webhook URL generated by slack. 

It should look something like this 

https://hooks.slack.com/services/xxxxxxxxxx/xxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxxx


3. On the dashboard, Click on the add webhook button 

  • Change the target to Slack

  • Paste the URL in the URL input field

  • Select None for Authentication

  • Click on Add


All alerts will now be published to the appropriate Slack channel. In our case the channel is #webhook-test and the result is as below

Webhook 4: ServiceNow

This is a little more in-depth as it requires configuration on ServiceNow.

Below are the steps to create your webhook with ServiceNow. 

  1. Navigate to Scripted REST API

2. Create your API

  • Click on the new button to start creating your API

  • Give your API a name and an ID

  • Click on the submit button to save this API

3. Select your API and create a new unauthenticated resource

  • After creating your API, you are redirected to a list of APIs. 

  • Search for your API and select your API

  • Create a new resource by clicking on the new button at the bottom of the page. 

4. Use the script below as a template

This example shows how to create a POST request. We will be using it to post an alert. The alert details are contained in 

request.body.data.text

5. Final script for REST API:

(function process(/*RESTAPIRequest*/ request, /*RESTAPIResponse*/ response) {

gs.info(request.body.data);

var action = request.body.data.action;
var inc = new GlideRecord('incident');

if (action == 'open_incident') {
inc.initialize();
inc.short_description = 'Incident created from WebHook';
inc.comments = request.body.data.text;
inc.insert();

gs.info('Incident created');

return {
"uri": request.uri,
"url": request.url,
"sys_id": inc.sys_id,
};
} else if (action == 'close_incident') {
inc.get(request.body.data.sys_id);
inc.state = 7;
inc.update();

gs.info('Incident closed');
}

})(request, response);


6. An example Incident from ServiceNow

Once this is done, on the dashboard, you just have to add the webhook to the dashboard.

On the dashboard, Click on the add webhook button 

  • Change the target to ServiceNow

  • Paste the Webhook URL in the URL input field. In our case https://ven02658.service-now.com/api/arune/cape. This is a combination of the base (https://ven02658.service-now) and resource path (/api/arune/cape).

  • Select the Authentication method for your webhook

  • If None is selected, proceed to the next step

  • If Basic is selected, type in Username and Password and proceed to the next step

  • Click on Add

All alerts will now be published to the defined URL. Please note that incidents on ServiceNow will auto close when all issues on an alert (incident) have been closed or no longer ongoing.

Note: Some of the webhooks when you try to configure using a generic option, require data to be received in a specific JSON format. for example MS Teams Webhook hence feature requests can be entered in AIZ for such requests.

Editing Webhooks

  • In the Webhooks section, click on the webhook you would like to edit. This opens up the edit modal, and you can modify the webhook.  

  • Click Save to save your changes.

Deleting Webhooks

In the Webhooks section, click on the webhook you would like to delete.

This opens up the edit modal, and you can click on the red trash can to remove a webhook. Please note that this will not delete the configuration on your service side.

Did this answer your question?