The Alert Webhook API sends a summary of alert information to the user's selected URL in JSON format.
- There is a 10 second delay from alert generation to alert reception in the user's webhook endpoint.
- The alert displayed in F5 Distributed Cloud App Infrastructure Protection (AIP) contains additional data not included in the webhook.
The alert JSON contains the following attribute-value pairs:
|Time, in milliseconds UTC, alert occurred
|A unique alert ID. This value can be used with the Distributed Cloud AIP Rest API to retrieve additional alert information
|The unique ID of the organization on which the alert generates. If a user belongs to multiple organizations, then this information quickly pinpoints the correct organization.
|Represents the format of the alert
Allowed values:1, 2, or 3
|Host alerts: the server name / CloudTrail alerts: the region name
|The source of the alert
Allowed values: Host, CloudTrail
|The title of the alert as displayed in the Distributed Cloud AIP CSP
|The unique name of the organization on which the alert generates. If a user belongs to multiple organizations, then this information quickly pinpoints the correct organization