Payload
Cada payload de evento es un objeto JSON con propiedades de objetos event y data. El objeto event contiene el evento, y la propiedad data contiene una representación del recurso en el momento en que se emitió el evento.
Eventos Soportados
Payloads de Eventos
incident.created
incident.updated
incident.mitigated
incident.resolved
incident.cancelled
incident.deleted
incident.scheduled.created
incident.scheduled.updated
incident.scheduled.in\_progress
incident.scheduled.completed
incident.scheduled.deleted
incident\_post\_mortem.created
incident\_post\_mortem.updated
incident\_post\_mortem.published
incident\_post\_mortem.deleted
alert.created
pulse.created
Verificación de Webhooks
Cada solicitud HTTP de webhook incluye un encabezado X-Rootly-Signature
, utilizado para verificar que la solicitud provino de Rootly. El encabezado de firma contiene una marca de tiempo con el prefijo t= y una firma con el prefijo v= .
X-Rootly-Signature:
t=1492774588,
v1=6657a869e8ecebeda32affa62cdca3fa51cad7e77a0e56ff536d0ce8e108d8bd
Para verificar la solicitud, concatena la marca de tiempo con el cuerpo de la solicitud y genera un resumen HMAC SHA256 utilizando el secreto del webhook disponible en la configuración del webhook. El resumen HMAC debe coincidir con la firma proporcionada.
require 'openssl'
# Assuming 'request' is an object representing the incoming HTTP request
header = request.headers['X-Rootly-Signature']
parts = header.split(',')
timestamp = parts[0].split('t=').last
signature = parts[1].split('v1=').last
secret = 'webhook secret'
# Reading the request body
request_body = request.body
# Create a signature using HMAC SHA256
expected_signature = OpenSSL::HMAC.hexdigest('SHA256', secret, timestamp + request_body)
# Compare the computed signature with the received signature
is_valid = expected_signature == signature
import hmac
import hashlib
header = request.headers['X-Rootly-Signature']
parts = header.split(',')
timestamp = parts[0].split('t=')[1]
signature = parts[1].split('v1=')[1]
secret = "webhook secret"
# Reading the request body
request_body = request.data # or request.body depending on the framework
# Create a signature using HMAC SHA256
expected_signature = hmac.new(
key=secret.encode(),
msg=(timestamp + request_body).encode(),
digestmod=hashlib.sha256
).hexdigest()
# Compare the computed signature with the received signature
is_valid = expected_signature == signature
const crypto = require('crypto');
// Assuming 'request' is an object representing the incoming request
const header = request.headers['x-rootly-signature'];
const parts = header.split(',');
const timestamp = parts[0].split('t=')[1];
const signature = parts[1].split('v1=')[1];
const secret = "webhook secret";
// Reading the request body
// Ensure that the request body is raw or a string
const request_body = request.body;
// Create a HMAC SHA256 signature
const expectedSignature = crypto.createHmac('sha256', secret)
.update(timestamp + request_body)
.digest('hex');
// Compare the computed signature with the received signature
const isValid = expectedSignature === signature;