Webhooks Setup

Step 1: In App Infrastructure Protection (AIP)

You configure the Webhook API for your organization in the AIP user interface (UI).

Note

Since the Webhook sends alerts through HTTPS Post, the selected Webhook URL must be HTTPS.

  1. Log into AIP using administrator credentials.
  2. In the left navigation bar, click Settings. The Settings page displays.
  3. Click the Integrations tab. The Integrations page displays.
  4. In the Webhook API section, fill in the following information:
    1. Name – Type a name for the webhook.
    2. Description – Type a description of the webhook.
    3. Webhook URL – Type the endpoint to which to send webhook alerts. The URL must be HTTPS.
    4. Alerts Severity drop-down menu – Select one of the following options:
      1. Do not fire webhook for any alerts
      2. Fire webhook for all alerts
      3. Fire webhook only for Severity 1 and Severity 2 alerts
      4. Fire webhook only for Severity 1 alerts
  5. Click Save. Your Webhook API is configured for your organization.
Step 2: Configure Webhook Network Access

Ensure the following IP addresses are open in the user's firewall to allow the AIP Webhook API to push alerts to the user's webhook endpoints:

  • 52.20.173.142
  • 54.173.79.87
  • 54.174.225.119

AIP expects webhook endpoints to use the default HTTPS port – 443. If a different port is used, then Webhook integrations do not work as expected.

Additionally, the Webserver hosting the endpoint needs to have a valid SSL certificate.

Note

For more information, see Configure Webhook Network Access.

Step 3: Receiving Application

Configure the webhook API in the endpoint that receives alert notifications.

  1. Open the selected endpoint.
  2. Follow the endpoint's instructions to link the AIP Webhook API to the endpoint.

Webhook Concurrency Limit

The AIP Webhook API batches alerts by severity for an organization. The Webhook API pushes the batched alerts to the customer's webhook endpoint every 10 seconds.

For example, you configure the AIP Webhook API to only send you Severity 1 alerts. At 10:00:01 a.m., in the AIP platform, you receive 15 alerts. Five are Severity 1 and ten are Severity 3. The AIP Webhook API batches the five Severity 1 alerts and sends them to your receiving application at 10:00:10 a.m.

Webhook Error Messaging

The AIP Webhook API displays any HTTPS error messages received from the customer's webhook endpoint. Examples include, but are not limited to, rate limits, internal error messages, and moved endpoints.

Related Articles

Was this article helpful?
0 out of 0 found this helpful