Hello,
I was wondering if I can send alerts to TheHive with the alerting plugin.
Example of a request to create an alert:
curl -XPOST -H 'Authorization: Bearer ***API*KEY***' -H 'Content-Type: application/json' http://127.0.0.1:9000/api/alert -d '{
  "title": "New Alert",
  "description": "N/A",
  "type": "external",
  "source": "instance1",
  "sourceRef": "alert-ref"
}'
Thank you
Hi @hilo21,
I believe you should be able to, are you running into any specific issues?
Hello @dbbaughe.
I am able to, using curl, but the destination's URL doesn't support an IP for custom webhooks, and even though I defined my hostname in the hosts file, it did not work. I don't know how I can bypass this limitation.
Thank you
I went through this issue, and solved it by setting a dummy URL, then directly altering the alert config document:
PUT .opendistro-alerting-config/_doc/<alert-config-id>
{
  "destination" : {
    "type" : "custom_webhook",
    "name" : "My Custom Web Hook",
    "schema_version" : 1,
    "custom_webhook" : {
      "header_params" : {
        "enabled": true,
        "Content-Type" : "application/json"
      },
      "url" : "http://**X.X.X.X**:8080/alert-me"
    }
  }
}