Skip to main content
Calico Enterprise 3.21 (early preview) documentation

Webhooks for security event alerts

You can configure Calico Enterprise webhooks to post security alerts directly to Slack, Jira, Alertmanager, or any custom HTTP endpoint.

Before you begin

Your target application must be configured to receive data from the Calico Enterprise webhook.

  • Slack. You must have a webhook URL for the Slack app that you want Calico Enterprise to send alerts to. See Sending messages using Incoming Webhooks for more information.

  • Jira. You must have an API token for an Atlassian user account that has write permissions to your Jira instance. See Manage API tokens for your Atlassian account for details on how to obtain an API token. You also need:

    • Your Atlassian site URL. If you access Jira at the URL https://<your-company>.atlassian.net/jira, then your site URL is <your-company>.atlassian.net.
    • A Jira project key. This is the Jira project where your Calico Enterprise webhook creates new issues. This user associated with your API token must have write permissions to this project.

  • Alertmanager. You must have a webhook URL for your Alertmanager instance to send alerts to. The webhook URL for an Alertmanager service accessible from within your cluster is:

    http://<alertmanager-service>.<namespace>.svc.cluster.local:9093/api/v2/alerts

    Replace the following:

    • <alertmanager-service>: the name of your Alertmanager service.
    • <namespace>: the namespace associated with your Alertmanager service. If no namespace is specified in the Alertmanager service resource, then this value is default.

    Alertmanager integration in Calico Enterprise leverages the API v2 exposed by the Alertmanager. For more information, see the Alertmanager client documentation.

  • Generic JSON. You must have a webhook URL for any other application you want the Calico Enterprise webhook to send alerts to.

Create a webhook for security event alerts

  1. In the web console, select Activity > Webhooks, and then click Create your first webhook.

  2. Enter a Name for your webhook, select which Event types you want to get alerts for, and, under Type, select whether to configure the webhook for Slack, Jira, Alertmanager, or for generic JSON output.

  3. Complete the fields for your webhook type and click Create Webhook.

  4. To check that your webhook is working, find the webhook on the Webhooks page and click Actions > Test Webhook. If your webhook is set up correctly, you should generate a HTTP response.

    Example: Successful HTTP response
    200 OK
    Webhook sent successfully