Webhooks Payloads
The Alert Webhook API sends a summary of alert information to the user's selected URL in JSON format.
Notes
- There is a 10 second delay from alert generation to alert reception in the user's webhook endpoint.
- The alert displayed in F5 Distributed Cloud App Infrastructure Protection (AIP) contains additional data not included in the webhook.
The alert JSON contains the following attribute-value pairs:
| Parameter | Type | Description | Required/Optional |
| created_at | string | Time, in milliseconds UTC, alert occurred | required |
| id | string | A unique alert ID. This value can be used with the Distributed Cloud AIP Rest API to retrieve additional alert information | required |
| organization_id | string | The unique ID of the organization on which the alert generates. If a user belongs to multiple organizations, then this information quickly pinpoints the correct organization. | required |
| severity | integer | Represents the format of the alert Allowed values:1, 2, or 3 |
required |
| server_or_region | string | Host alerts: the server name / CloudTrail alerts: the region name | required |
| source | string | The source of the alert Allowed values: Host, CloudTrail |
required |
| title | string | The title of the alert as displayed in the Distributed Cloud AIP CSP | required |
| organization_name | string | The unique name of the organization on which the alert generates. If a user belongs to multiple organizations, then this information quickly pinpoints the correct organization | optional |