Sending Alerts to TheHive


I was wondering if i can send alerts to TheHive with the alerting plugin
Example of request to create an alert :

curl -XPOST -H 'Authorization: Bearer ***API*KEY***' -H 'Content-Type: application/json' -d '{
  "title": "New Alert",
  "description": "N/A",
  "type": "external",
  "source": "instance1",
  "sourceRef": "alert-ref"

Thank you

Hi @hilo21,

I believe you should be able to, are you running into any specific issues?

Hello @dbbaughe.
I am able to using curl but the destinations url doesn’t support ip for custom webhooks and even though i defined my hostname in the hosts file it did not work i don’t know how can i bypass this limitation
Thank you

I went through this issue, and solved it by setting a dummy URL, then directly altering the alert config document:

PUT .opendistro-alerting-config/_doc/<alert-config-id>
  "destination" : {
    "type" : "custom_webhook",
      "name" : "My Custom Web Hook",
      "schema_version" : 1,
      "custom_webhook" : {
        "header_params" : {
          "enabled": true,
          "Content-Type" : "application/json"
        "url" : "http://**X.X.X.X**:8080/alert-me"
1 Like