Carga útil

Cada carga útil de evento es un objeto JSON con propiedades de objetos de evento y datos. El objeto de evento contiene el evento, y la propiedad de datos contiene una representación del recurso en el momento en que se emitió el evento.

Eventos compatibles

Cargas útiles de eventos

incident.created
incident.updated
incident.mitigated
incident.resolved
incident.cancelled
incident.deleted

incident.scheduled.created
incident.scheduled.updated
incident.scheduled.in\_progress
incident.scheduled.completed
incident.scheduled.deleted

incident\_post\_mortem.created
incident\_post\_mortem.updated
incident\_post\_mortem.published
incident\_post\_mortem.deleted

alert.created
pulse.created

Verificación de Webhooks

Cada solicitud HTTP de webhook incluye un X-Rootly-Signature encabezado, utilizado para verificar que la solicitud provino de Rootly. El encabezado de firma contiene una marca de tiempo prefijada con t= y una firma prefijada con v= .

Text
X-Rootly-Signature:
t=1492774588,
v1=6657a869e8ecebeda32affa62cdca3fa51cad7e77a0e56ff536d0ce8e108d8bd

Para verificar la solicitud, concatene la marca de tiempo con el cuerpo de la solicitud y genere un resumen HMAC SHA256 utilizando el secreto del webhook disponible en la configuración del webhook. El resumen HMAC debe coincidir con la firma proporcionada.

Ruby
require 'openssl'

# Assuming 'request' is an object representing the incoming HTTP request
header = request.headers['X-Rootly-Signature']
parts = header.split(',')
timestamp = parts[0].split('t=').last
signature = parts[1].split('v1=').last
secret = 'webhook secret'

# Reading the request body
request_body = request.body

# Create a signature using HMAC SHA256
expected_signature = OpenSSL::HMAC.hexdigest('SHA256', secret, timestamp + request_body)

# Compare the computed signature with the received signature
is_valid = expected_signature == signature
Python
import hmac
import hashlib

header = request.headers['X-Rootly-Signature']
parts = header.split(',')
timestamp = parts[0].split('t=')[1]
signature = parts[1].split('v1=')[1]
secret = "webhook secret"

# Reading the request body
request_body = request.data  # or request.body depending on the framework

# Create a signature using HMAC SHA256
expected_signature = hmac.new(
    key=secret.encode(), 
    msg=(timestamp + request_body).encode(), 
    digestmod=hashlib.sha256
).hexdigest()

# Compare the computed signature with the received signature
is_valid = expected_signature == signature
JS
const crypto = require('crypto');

// Assuming 'request' is an object representing the incoming request
const header = request.headers['x-rootly-signature'];
const parts = header.split(',');
const timestamp = parts[0].split('t=')[1];
const signature = parts[1].split('v1=')[1];
const secret = "webhook secret";

// Reading the request body
// Ensure that the request body is raw or a string
const request_body = request.body; 

// Create a HMAC SHA256 signature
const expectedSignature = crypto.createHmac('sha256', secret)
                                 .update(timestamp + request_body)
                                 .digest('hex');

// Compare the computed signature with the received signature
const isValid = expectedSignature === signature;