Webhook connector and action
editWebhook connector and action
editThe Webhook connector uses axios to send a POST or PUT request to a web service.
Create connectors in Kibana
editYou can create connectors in Stack Management > Connectors or as needed when you’re creating a rule. For example:
Connector configuration
editWebhook connectors have the following configuration properties:
- Name
- The name of the connector.
- Method
-
The HTTP request method, either
post
(default) orput
. - URL
-
The request URL. If you are using the
xpack.actions.allowedHosts
setting, make sure the hostname is added to the allowed hosts. - Authentication
- The authentication type: none, basic, or SSL. If you choose basic authentication, you must provide a user name and password. If you choose SSL authentication, you must provide SSL server certificate authentication data in a CRT and key file format or a PFX file format. You can also optionally provide a passphrase if the files are password-protected.
- HTTP headers
- A set of key-value pairs sent as headers with the request.
- Certificate authority
-
A certificate authority (CA) that the connector can trust, for example to sign and validate server certificates. This option is available for all authentication types.
- CA file
- The certificate authority file.
- Verification mode
-
Controls the certificate verification.
-
Use
full
to validate that the certificate has an issue date within thenot_before
andnot_after
dates, chains to a trusted certificate authority, and has a hostname or IP address that matches the names within the certificate. -
Use
certificate
to validate the certificate and verifies that it is signed by a trusted authority; this option does not check the certificate hostname. -
Use
none
to skip certificate validation.
-
Use
Test connectors
editYou can test connectors with the run connector API or as you’re creating or editing the connector in Kibana. For example:
Webhook actions have the following properties.
- Body
-
A JSON payload sent to the request URL. For example:
{ "short_description": "{{context.rule.name}}", "description": "{{context.rule.description}}", ... }
Mustache template variables (the text enclosed in double braces, for example, context.rule.name
) have
their values escaped, so that the final JSON will be valid (escaping double quote characters).
For more information on Mustache template variables, refer to Actions.
Connector networking configuration
editUse the Action configuration settings to customize connector networking configurations, such as proxies, certificates, or TLS settings. You can set configurations that apply to all your connectors or use xpack.actions.customHostSettings
to set per-host configurations.