Webhooks for security event alerts
You can configure Calico Cloud webhooks to post security alerts directly to Slack, Jira, or any custom HTTP endpoint.
Before you begin
Your target application must be configured to receive data from the Calico Cloud webhook.
- Slack. You must have a webhook URL for the Slack app that you want Calico Cloud to send alerts to. See Sending messages using Incoming Webhooks for more information.
- Jira. You must have an API token for an Atlassian user account that has write permissions to your Jira instance.
See Manage API tokens for your Atlassian account for details on how to obtain an API token.
You also need:
- Your Atlassian site URL. If you access Jira at the URL
https://<your-company>.atlassian.net/jira
, then your site URL is<your-company>.atlassian.net
. - A Jira project key. This is the Jira project where your Calico Cloud webhook creates new issues. This user associated with your API token must have write permissions to this project.
- Your Atlassian site URL. If you access Jira at the URL
- Generic JSON. You must have a webhook URL for any other application you want the Calico Cloud webhook to send alerts to.
Create a webhook for security event alerts
-
In Manager UI, select Activity > Webhooks, and then click Create your first webhook.
-
Enter a Name for your webhook, select which Event types you want to get alerts for, and, under Type, select whether to configure the webhook for Slack, Jira, or for generic JSON output.
-
Complete the fields for your webhook type and click Create Webhook.
-
To check that your webhook is working, find the webhook on the Webhooks page and click Actions > Test Webhook. If your webhook is set up correctly, you should generate a HTTP response.
Example: Successful HTTP response200 OK
Webhook sent successfully