HTTP/HTTPS/WebHook

overview a webhook (a web callback or http push api) is a way for an application to provide 3rd party applications with real time information it is unlike typical apis whereby the 3rd party application needs to poll for data very frequently to receive information in real time this makes webhooks much more efficient for both the originating application and the receiving 3rd party application iris+™ webhook iris+™ webhook api is designed to push events detected in real time to 3rd party applications by invoking http/s post requests to the endpoint provided by the 3rd party application the iris+™ webhook api is designed to support many 3rd party applications by providing a highly customized data transformation mechanism (using a template engine) to enable the user to design the data structure in line with their needs, rather than re writing their existing http/s endpoint (which is not possible in cases where the user employs a closed commercial package without the ability to modify the api) using the iris+™ webhook api the user can use iris+™ default webhook definitions or customize the data according to their needs step 1 define the integration target login into your iris+™ account and open the integration targets tab under the settings module add integration target of type http, and configure the following settings method provide the http method (the most common use case is post but we support put and get as well) url provide the http url endpoint to which iris+™ will submit the requests note both http and https urls are supported https is recommended for security reasons headers you may provide a list of http headers that will be added to the request by default, the following header is added content type application/json 3\ provide the http method (usually post), url, and http headers the url should use the schema http // or https // as required by the integrated system the http headers are required by the integrated system (e g for security tokens) 4\ name the integration target and save it step 2 define integration action integration actions can be specified in the root (account) level or any folder in the account hierarchy when an event is generated for the sensor, any integration action specified in the sensor's folder or any parent folder (up to the account level) will be invoked, there is no limit on the number of integrations so a single event may invoke several integration actions in the administrator tab, select the folder in the account hierarchy where you want to invoke the integration action, select the integrations tab, add a new integration action, and configure the following settings action name enter a meaningful name such as the type of events being monitored mode select between automatic manual or off type select whether to integrate a detection event or a health event target select the integration target from the list (only targets of type http/s are listed) mime type provide the mime type the default is application/json for the body that includes json format but you may change it (e g if you want the body to include xml, you should provide mime type application/xml) body template you may provide a template to customize the body content you can specify any text you want and use system defined template variables to be replaced by the event attributes at run time when the system shall invoke the integration action click the "?" to see a list of system defined variables click save click the test to verify the integration is working properly you can use this website to test the integration note the iris+ outbound traffic is sent over nat with public ip 34 90 111 200 ensure your firewall settings allow incoming traffic from this ip address contact irisity support customer support technicalsupport\@irisity com mailto\ technicalsupport\@irisity com