Your flight is delayed, the airline app alerts you by sending you an instant text message. Your package is delivered at your door and the shipping service sends you an instant notification. These alerts and confirmations have now become the norm in any service or application that you use. Instant real-time notifications have made life a lot easier and efficient.
The power of a webhook? Webhooks are what enable these real-time notifications. You can generate notifications in an application by firing a webhook whenever the app triggers an action or event. The application sends these notifications to a webhook-receivable URL, along with the data payload. Data changes trigger the API in the app to send notifications. Because webhooks and APIs facilitate syncing and relaying system changes/events between two applications, we now have greater control over our decisions
How to Integrate with Cohesity Webhooks?
Cohesity supports webhooks which send a Cohesity Alert to any server that is listening to the incoming webhook requests. Several Cohesity integrations use this feature — one of them is ServiceNow. ServiceNow receives the alert payload from Cohesity and uses it to create an incident so that someone can look into the alert. To learn more about this, read the Use Webhooks to Manage Cohesity Alerts in ServiceNow blog.
While working with other monitoring and incident management tools, we realized that these tools accept the payload in a certain format. These tools then try to read a certain field in the payload then try to map it to the incident/ticket which has been created for the payload. To support different applications that can send its payload, developers have to write some custom code logic to map the payload to the fields in the monitoring tool. In some cases, the developer may also have to spin extra infra to catch the webhook and modify it in a way the tool expects it. This is how Cohesity is integrated with some tools to ensure that the incidents are accurately created. Remember, this can be cumbersome because you need to spend some time writing this custom logic for every monitoring tool. This will add to the development time that you spend to integrate with such tools.
Cohesity’s New Customized Template Data Payload
Cohesity eases the integration process with the new customized template data payload, part of the latest Cohesity release. With this feature, you can send the payload in any customized format as a template with placeholders, which are keywords that get resolved to their actual values. The tool replaces these placeholders with the actual values of the generated alert. Below is the list of the placeholders that you can send.
Placeholder | Description |
---|---|
$alertType | The alert type. It defines the Cohesity Platform component that triggered the alert. |
$alertId | Unique Alert Identifier. |
$alertName | Alert Name. |
$alertDescription | A brief description of the problem that triggered the alert. |
$alertSeverity | The severity rating of the alert. |
$alertCategory | The alert category. |
$alertCause | A brief description of the cause of the problem. |
$alertHelpText | A link to a possible solution for this alert. |
$languageCode | The language in which this alert is created. |
$alertURL | A link to this alert on the cluster. |
$firstOccurrenceUsecs | Epoch timestamp of when this alert first occurred. |
$lastOccurranceUsecs | Epoch timestamp of when this alert last occurred. |
Use these placeholders and construct a custom payload you want to send to your tool. You can select whichever field you want to send under your desired key. To create a custom payload, pass the payload as shown in the following example:
--template {
"name": "$alertName",
"severity": "$alertSeverity",
"category": "$alertCategory",
"description": "$alertDescription",
"cause": "$alertCause",
"time": "lastOccurranceUsecs",
"link": "$alertURL"
}
In case you haven’t specified a template, the default payload will be sent.
{
"alertType": "13021",
"alertId": "1234",
"alertName": "NodeRebooted",
"alertDescription": "Node with ID 1234 rebooted",
"alertSeverity": "kCritical",
"alertCategory": "kNodeHealth",
"alertCause": "Node rebooted.",
"alertHelpText": "Please refer to KB for details/resolution.",
"languageCode": "en-us",
"alertUrl":"https://prod.cohesity.com/monitoring/alerts/alert/1234:5678",
"clusterName": "dell01",
"clusterId": "1234",
"alertCode": "CE001234",
"alertProperties": {
"node_id": "123431",
"node_ip": "prod.cohesity.com",
"alert_description": "Node rebooted due to power failure.",
"reason_string": "Node Rebooted."
},
"firstOccuranceUsecs": "1574289325258262",
"lastOccuranceUsecs": "1574289325258262"
}
You can customize the Webhook URL path with placeholders as shown in the following example. Here, alertName=$alertName is the placeholder.
http://example.webhooksite.com?name=$alertName&severity=$alertSeverity
With this invaluable new feature, you need not write any custom logic to interpret the data payload sent by Cohesity because you can send the payload in the exact format the tool expects. The benefits are multifold: Integrating Cohesity Alerts with any monitoring tool has now become very easy and straightforward. And it saves a lot of time too. See Configuring Webhooks in Cohesity product documentation to learn more and let us know how it worked for your integration.