Webhooks use HTTP POST to send data to other apps when specific warnings are received. The source notifies the target application that is set up for the webhook via HTTP request each time an alert is generated. Webhooks, which automatically transmit messages using HTTP POST to target apps when an event occurs, are supported by SD-WAN Orchestrator. Through the Enterprise interface, you can configure the destination URL and schedule actions to be taken in response to the alerts that SD-WAN Orchestrator generates. In order to protect the privacy of potentially sensitive alert payloads, the webhook recipients need to support HTTPS and have active certificates. This also stops payload tampering.
The Alert Configuration window’s Webhooks page lets you set up the following information:
|
Option |
Description |
|
URL |
Provide an actual HTTPS URL. For the purposes of the webhooks, this is the target application. |
|
Code |
Type in the HTTP response status code that you want each webhook receiver to get. When an HTTP POST request is sent, the SD-WAN Orchestrator expects webhook receivers to return an HTTP 200 status code. SD-WAN Orchestrator creates an ALERT_DELIVERY_FAILED customer event when it gets an unexpected status code from a destination server or a proxy server. This means that the alert delivery failed. This event helps you figure out when a webhook destination server might not work the way it should. |
|
Secret |
To compute an HMAC for each webhook request sent to a configured recipient, you must first specify a secret token for that recipient. An X-Webhook-Signature HTTP header contains the HMAC, a timestamp, and a version parameter that specifies the signature algorithm. X-Webhook-Signature: v=<signature-version>&t=<timestamp>&s=<hmac> The components are interpreted by the recipient as follows: • v: The algorithmic version that generated the signature. One is the only supported value. • t: The millisecond-precision epoch timestamp that represents the request’s issuance time. • s: The SD-WAN Orchestrator calculated the HMAC. This is how the HMAC is calculated: SHA-256(request-body + ‘.’ + secret, timestamp). The message that is used to compute the HMAC is created by concatenating the request body, a single period, and the value of the timestamp parameter that is present in the signature header. This message is transmitted to the recipient. HMAC-SHA256 is the particular HMAC algorithm that was utilized in the production of the code. After the listening server has received a Webhook request, it is able to verify the legitimacy of the request by constructing its own HMAC-SHA256 signature using the same algorithm. The listening server then compares the freshly computed signature with the signature that was generated by the SD-WAN Orchestrator. |
|
JSON Payload Template |
This field must be filled in. The alerts are sent to each webhook receiver by SD-WAN Orchestrator through a JSON payload that is sent as the body of an HTTP POST request. As notifications are sent, SD-WAN Orchestrator creates payload information on the fly by using variable interpolation. In the user-configured payload template, the available placeholder variables are changed to values that are unique to the alert. |
|
Verify |
To verify the entered information, select this option. |
To configure the following, click the Configure Payload Template link located beneath the JSON Payload Template option:
